Generate key for a software developed using vb.net - vb.net

Hai guys,
I ve developed a salary calculating software using vb.net.... Its working fine and i ve converted it to an exe file... My drawback is it can be copied and pasted in another system very easily... I want to generate a key for the exe file and while installing the key should be used and when installation is completed ,the key should not be used again... Is this ya secured one or give me some ideas how it can be done....

There are many product on the market that will help you generate software keys, for example www.softwareshield.com and www.exeshield.com Or simply do a Google Search.
For more serious protection you can use a hardware key that unlocks your software, for example http://www.matrixlock.de/english/index.htm

It all depends on your adience.
If you are targetting end-users / home-users: no matter what you do, your software will be hacked (if it is good enough).
If you target the enterprise: Companies are mostly willing to buy your software, and do not copy to other companies. They have far more to loose when running illegal software. But also they are the first to complain if they cannot distribute your software using their distribution system. And this system will be blocked by your copy protection scheme.
Conclusion: Implement the simplest and cheapest protection scheme you can find. And also find a way you can bypass it easily if you want enterprises as your customer.

You'll need to sign your assembly, and have some form of online authentication process to manage the keys.

Whatever copy protection scheme you implement....just make sure that your paying users don't get a lot of discomfort from it.... You want to keep bad users from copying your software without permission, but when good users get problems because of faults in your copy protection software, you will lose a lot of credit.

Related

How to keep my vb.net program relatively secure

I wrote a small program in vb.net and I'm looking for a simple way to keep people from just copying the executable and running it on another machine for reverse engineering without the installer. I understand that if people want the program bad enough they will figure out a way to get a hold of it, I'm basically just looking for some kind of deterrent to keep our competitors from walking around and copying it.
Logan,
The bad news is that you cannot stop people from reverse engineering your desktop application. You have 2 options:
Create a web application instead. The code will run securely on your server.
Use Remote Desktop Services. This way you can install your program on your server and let the users use it via RDS. Here is an article that illustrates the concept and how to implement it on Microsoft Azure: https://technet.microsoft.com/en-us/library/cc755055.aspx
The standard approach is to create a license key that will only work on a specific machine and store it in the registry. This can be something as simple as:
When your app starts get a unique machine id (http://www.dreamincode.net/forums/topic/181408-get-unique-machine-ids/)
Perform a one way hash on it
See if this value is stored in the registry
If it isn't, display a dialog displaying the unique machine id and asking for the 'license'
Accept input of the license so they don't need to ask again
You can manually calculate the one way hash yourself for computers that you want to run the software on.
This won't stop a determined hacker but it'll keep the 99.9% of people who can't hack your software honest.

How should I go about to create a demo of my software with limited functionality?

I want to create a demo of my software with limited functionality. What is a good way of doing this?
More details about my specific situation:
I am developing small scale software and don't worry about crackers and such, but still I want to get the best protection for my software with the least effort. The application I am developing is written in VB.NET and I am writing it in Visual Studio 2013.
There are many questions marks I have about this:
-Does this kind of protection take time to implement or is there a simple way? (I'm looking for a simple implementation)
-Should I use some kind of third-party service for this?
-If I use license keys, how do I generate the license keys?
I would be glad for either a complete or partial answer to my question
A basic solution is
1. Using registry (Windows) 2. or a license file. 3. or Online activation
I just give you the technical suggestion not code.
Using registry
Complete your soft but on the init page (Starting page) do the registry checking and find for a key if it is available load your project with full access, if not load with limited features.
Using license file
When client install your software to their machine. Your software first ask the product key. If a valid product key entered your software can generate a machine specific license file and store it to your software's installation location. From the next time your soft will get the license file while opening so it will not ask for a product key.
Now for machine specific license you can use device MAC (But it is a bad practice), Client name and details information and the encrypt it and save as license file.
Using online activation
You can easily create online activation. In this case when some one buy your soft you just create a online account for him to your activation system and give the client the product key generated by your online activation system. So than when client enter product key your soft can download client info and store it as a license file.
There are many other techniques available. And you can implement your one also. Think!

Protect source code at delopment time in tfs

I use TFS , My question is how can i sure about that developer who work on a project can not copy source file and evict or extract them from office by Email,flash memory,USB,... ?
Is there any solution with TFS?
Can anyone help me?
TFS has no ability to do this, once a file has been retrieved from TFS it is just another text file on your computer you will have to use other tools to do what you want.
Opening it up to tools outside of TFS it is extremely difficult to do what you want to do but it is possible. Your best option is contact a security firm that often works with government defense contractors and have them set up your network IT security, some government defense contractors have the same requirements as you list and they would know all the things you would need to do.
Off the top of my head some of the things you will likely need to do is:
Use group policy to block writeable media from being used to block flash drives and CD-Rs.
Block internet access to stop webmail.
Block printing to stop people printing out the source then using a scanner and OCR software on another computer to turn it back in to code.
Not allow any device that can take photographs in areas where source code may be on screen as the same OCR procedure could be done with photographs.
This list is no where near complete and I would recommend contacting a security firm to get a complete list.

Why use sysprep for Sharepoint 2010 Developer VMs?

I have read several articles about creating a Sharepoint Developer VM. They all say to "sysprep" them. Why (exactly) must the sysprep be done? What kind of problems (and why) will we run into if we don't sysprep them?
(I suppose what I am asking is, what would be the difference in doing "sysprep" and just bringing up the VM, changing its Name/IP, reboot then install SP?)
I've had success in the past with just copying Hyper-V vhd's as a method of cloning VM's - however, I now use sysprep when cloning any of my machines as it's been mentioned as a best practice in many places. And, it does some nice things like allowing you to cleaning up a bunch of stuff that I don't want to duplicate and letting me choose a new name for the machine on boot. From MS Sysprep Technical Reference:
Sysprep prepares a computer for disk
imaging or delivery to a customer by
configuring the computer to create a
new computer security identifier (SID)
when the computer is restarted. In
addition, Sysprep cleans up user- and
computer-specific settings and data
that must not be copied to a
destination computer.
And you may want to read Russinovich's post on The Machine SID Duplication Myth (and Why Sysprep Matters) for more good explanation of how SIDs work and the very last paragraph has another reason for going this route:
Note that Sysprep resets other
machine-specific state that, if
duplicated, can cause problems for
certain applications like Windows
Server Update Services (WSUS), so
Microsoft’s support policy will still
require cloned systems to be made
unique with Sysprep.
Good luck!

Salvaging a DataEase application

I've been asked to become the maintainer of a DataEase application after my customer had a few "problems" with the original developer.. I know nothing about DataEase (never heard of it before today, in fact), and my customer can't provide me with the original sources... Are they somehow "de-compilable" from the application itself?
Sources are tied to the database. You need DataEase Version related to the application and high level password.
DataEase applications are not compiled. But you need a copy of DataEase, either DOS or Windows depending on what you've been given.