Solved

How to prevent exe generation

Posted on 2002-06-14
6
352 Views
Last Modified: 2010-04-04
Hope somebody could give me some ideas about this:

I work in a Delphi development team as a programmer and project manager. As my responsability, I have to prevent that anyone of my team programmers take  the code with him, change a little the user interface and sales the product. Understand what I mean?

The Programmers needs to get access to all resources of the project (forms, units). I have been thinking in a some kind of restriction to prevent Exe generation like finding (in the build of project) for a hidden function or DLL or a password key. Another  fact is that the validation got to be hard to passby or find (you know, we are  programmers, we are smart).

All your comments will be apreciatted

NetoMan :)
0
Comment
Question by:NetoMan
6 Comments
 
LVL 2

Accepted Solution

by:
Hagen040798 earned 33 total points
Comment Utility
Some Units should be used in only complied form (packages), compiled by you as example. Then add some special units into this package or units that need an registrationkey. When You sale the compiled Application You have the get the right Registrationkey to let these protected units properly working. As Registrationkey are best possible some asymmetric stuff used and some code of the DCU can be encrypted. The DCU Format is not public but they exists on the WEB some DCU decompiler. So I think it where possible to encrypt DCU's code selective. In the unit initialization there then checked the right registrationkey and all procedure can be decrypted.

All in one an very big effort, better if you don't trust the programmers would be a strictly contract, I mean.

Hagen
0
 
LVL 45

Assisted Solution

by:aikimark
aikimark earned 33 total points
Comment Utility
NetoMan,

If you're that concerned about the honesty of your programmers, you need to do the following:
1. require non-disclosure agreements be signed by all staff.
2. require non-compete agreements be signed by all staff.
Note: both 1 and 2 usually apply to new applicants.  current applicants usually can't be forced to sign anything, unless you offer them something like a promotion.
3. create a "clean room" development environment with no email, no CD burners, and locked diskette drives.  The network in the room is not connected to other company LANs or the internet.
4. tie developer rewards to company performance.  If a developer pirates your software, they hurt part of their revenue stream.  Also, there is peer pressure to discourage piracy, since everyone is benefitting from software sales.
5. buy them new systems upon condition that they give you all their backups along with their systems.  You must agree to protect their privacy and destroy their backups.  This is tricky, since they must decide on the spot and you will follow them home to retrieve their system and data along with their new system, preventing them from hiding backups with company data.
0
 
LVL 9

Assisted Solution

by:ginsonic
ginsonic earned 33 total points
Comment Utility
I don't think that you can protect yourself at this stage.

I have same problem here. I remove any floppy or CD-RW from my systems but this don't solve my problem ( an external divice ... ).No internet, too.

An ideea is to have on systems just dcu for used components. Somewhere verify if is your system ( bios serial, HDD serial .. ). But any protection can be crack :(

The best idea is to select your people and stimulate their to be honests.
0
 
LVL 2

Author Comment

by:NetoMan
Comment Utility
I Agree with you guys that honesty and selectivity of the group is the "panacea" or the perferct environment. Since I can´t do anything about that, can you give me some examples/routines or references for implement some of the proteccionts you say.

All your comments are apreciated. I can split or give more points to all of you.

NetoMan :)
0
 
LVL 1

Expert Comment

by:pnh73
Comment Utility
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

Split between aikimark, Hagen and ginsonic

Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
Paul (pnh73)
EE Cleanup Volunteer
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
In this tutorial I will show you how to use the Windows Speech API in Delphi. I will only cover basic functions such as text to speech and controlling the speed of the speech. SAPI Installation First you need to install the SAPI type library, th…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now