Solved

security for application

Posted on 2001-06-21
10
189 Views
Last Modified: 2010-04-02
hello sir,

i know cd protection is a very big & internation problem but everything is possible.

v r working on vb6.

v want a solution for cd protection as well as application security without using a dongal (hardware lock : eprom) or any physical device.

restrictions :
1. cd to cd writing
2. copying cd to hdd

user can install from cd in him/her single pc only.

is any facility in c++ ?

thanx
bhavesh


0
Comment
Question by:Aurokripa
  • 2
  • 2
  • 2
  • +3
10 Comments
 
LVL 11

Expert Comment

by:griessh
Comment Utility
bhavesh

I tried something like that some time ago. I think you will have to come up with your own ideas. Why? If it cannot be in C++, because the language doesn't care about copy protection. It wouldn't be in the libraries that came with your compiler, since then it would be easy for everybody to understand how it works and find a way around it.
So the only option you have is to go out and find a company that sells yoy their copy protection or find your own way to solve that problem.

Sorry

======
Werner
0
 
LVL 32

Expert Comment

by:jhance
Comment Utility
Auro...,

If there were a simple, inexpensive, and foolproof way of doing this, don't you think EVERYONE would be using it?

As briefly as possible, my opinion is that THIS CANNOT BE DONE simply, inexpensively, in such a way that it is effective against pirates but not inconvenient to paying customers.

I've said it before and I'll say it again:

"Pirates don't buy software.  Paying customers don't pirate.  Spend your resources with the paying customers and ignore the pirates."

0
 
LVL 7

Expert Comment

by:KangaRoo
Comment Utility
I rather agree with what jhance said, why waste your resources to people who have no intention of paying anyway? They simply won't use your product if they have to pay.

But anyway, a quick survey showed that http://www.cdmediaworld.com/hardware/cdrom/cd_protections.shtml might be interesting.
0
 
LVL 11

Expert Comment

by:griessh
Comment Utility
I just noticed:
>>user can install from cd in him/her single pc only.
That would require a write to the CD to save the 'number of licenses'. Without a CD/RW this wouldn't work at all.

Maybe you should adopt the new Microsoft licensing: use a combination of all types of hardware information and with this info let the user call in to get a key to unlock the software. You will have many unhappy customers ;-)

In 3 words: don't do it!
======
Werner
0
 
LVL 3

Expert Comment

by:cypherljk
Comment Utility
Like many of the experts have already stated this is very difficult however there are several solutions used by the gaming industry and large companies like Rational and of course the new crap Microsoft is rolling out.

1.) Game Developer magazine has an article on Spyro 'Year of the Dragon' they used numerous checksums to determine if the software had been cracked.

2.) If you get enterprise class software like Rational Clearcase a server application is used to authenticate the client applications liscence where obviously there is strict control over a liscence that may/may not have expiriation dates that you have to periodically dl from the s/w vendor

3.) With XP M$ only allows certain number of installs and it extensively polls the h/w on your machine to generate a key similar to way pgp keys are created.

Obviously these techniques will only last for a certain period of time and are annoying like the M$ one,  Spyro's protection was only design to keep the cracks off the net during the 1st 4 mos the game launched since this is when a games make the most money.  Obviously with a application with a longer lifecycle (like most apps) this needs to be enhanced for longer defensiveness.

My 2 cents...
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 49

Expert Comment

by:DanRollins
Comment Utility
Ahh, a topic near and dear to my heart...

You need to have the user call in and get an unlock code to enable the software on every installation.  It might be worth the hassle (to you and your customers) if your software sells for more than $500.00 (US) per unit.

Another alternative is to ship the CD with a floppy diskette.  Floppy diskette copy protection is relatively easy to do.  Have the floppy contain just the custom install program (and the bad-track shennaigans that lets you do the copy-protection) and all the cab files are on the CD.

-- Dan
0
 

Expert Comment

by:NickAtBOM
Comment Utility
The best way I know to do it is like this...

Every computer has a NIC (network interface card) that contains a globally unique identifier.  You can get your code to get the identifier and (combined with other information about the machine eg processor speed, hard disk capacity etc) calculate and display a number (or combination of numbers and letters) to the user.  The user is then required to ring you, the software provider, with this number.  You can use this first number to produce a second number, using a specific algorithm.  The user then types this second number into the program.  The program uses the same algorithm and (knowing the first number) can work out whether the second number is genuine, and thus unlock the software.  Every time the program is run, the second number is checked against the first.  Since the private part of this process is the algorithm, the two numbers can be stored in a public place (eg registry on NT, or a file).

There are several mathmatical processes that would make the second number very hard to calculate if you did not know the algorithm, even if you had several examples of first number / second number combinations.

The disadvantages of this system is that it ties the licence to one computer, so you have to provide a licence migration facility.  Also if you sell a lot of copies of your software, then it is a big operation to provide keys.

Hope this helps...
0
 
LVL 7

Expert Comment

by:KangaRoo
Comment Utility
Bah,

So if your NIC changes, or you exchange a hard drive, or add some memory, the program won't run anymore. Then the client has to take action to get a new number, pull out all kinds of paper work and probably wait for weeks before some dumb and marginal software company delivers a new key.

While the pirate that happily uses a hacked version has no such problems at all?

Are actually trying to /promote/ piracy here?
0
 
LVL 49

Accepted Solution

by:
DanRollins earned 200 total points
Comment Utility
If your software is popular enough that some hacker has taken the time to crack your algorithm and post it on the hacker sites,....

...then you are probably driving a Beamer and vacationing in the Bahamas andyway.  No Worries.

-- Dan
0
 

Expert Comment

by:NickAtBOM
Comment Utility
KangaRoo

Thank you very much for your extremely constructive comments.  I'm sure that we all look forward to hearing your solution to this problem.

In response to some of your points:  yes; every time you change your computer, you need a new key.  If you a business user, changing your desktop configuration tends to happen rarely.  Considering the licence could have cost 10s of thousands of dollars, making one phone call is no big deal.  If your software company can't organise its end with efficiency, it will lose business pretty quickly.

Admittedly, this method won't protect against piracy of the next Half-Life, but for several big business systems it can (and does) work.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This article will show you some of the more useful Standard Template Library (STL) algorithms through the use of working examples.  You will learn about how these algorithms fit into the STL architecture, how they work with STL containers, and why t…
Many modern programming languages support the concept of a property -- a class member that combines characteristics of both a data member and a method.  These are sometimes called "smart fields" because you can add logic that is applied automaticall…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The viewer will be introduced to the member functions push_back and pop_back of the vector class. The video will teach the difference between the two as well as how to use each one along with its functionality.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now