• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 357
  • Last Modified:

Unique to one system application

Hi all,

My intention is to burn my application onto CDs when I'm ready to distribute it.
Each CD will contain a 'unique to one machine application'  - So that my app will only work on that one user's system. Of course this will rely on me sending the prospective buyer/user a small exe to read in the BIOS or HDD serial. They would then e-mail me the BIOS/HDD# and then I would custom write that number into the unique application instance then burn the resulting app onto CD. This would be a simple way to stop the app being given to friends and neighbors etc. Trouble is, it includes a few steps to implement everything.

Can anybody offer any advice about the method I'm planning? Or, if indeed such a ploy is logical and/or feasible? Perhaps there's a simpler way that you might know of and wish to share. Any info will be appreciated.

I see potential problems with this specific system deployment... Supposing the user buys a new HDD or changes systems, the app would then not work. The user could ask me for another serial #, which in effect could be for his friends PC ;-) Any thoughts on this?

Please don't just redirect me to websites offering security components... I can Google my way to those myself. I want to get first hand info from the EE fraternity :-)
(BTW,I have seen the earlier post and URL pointing to TurboPower ProActivate)

1 Solution
First, I would dump the first executable pulling your unique ID's for you to burn into the executable. This is more trouble than it is worth. Instead, include in your application an algorithm which:

A) Builds two codes based on the internal components you list, neither of which is stored

Have the users install and run application which would then check an .ini file or database for the second code, which if found would allow normal startup. If the second code is not found, or the written version of the second code does not match the second code generated dynamically, then display the first code and prompt user for the second. The first code could be emailed, faxed, phoned, etc... to you, or you could even just put up a web page to have people register and submit code 'A'. Have an application on your end which will generate the correct code 'B' when 'A' is input.

Hope that makes sense to you.

As far as the user replacing HW, that is always going to be an issue, though through the registration process required to acquire activation code you do have a binding EULA as well as having some personal info on the original user you can try to use to verify that user is valid.  
IMHO, forget it.
First, you cannot enforce it because any part can be replaced.
Second, if I buy a piece of software I want it to run on any of my machines.

If you implement such restrictions you will simply have no users.

Just my 2c.
This kind of protection may work if you intend to sell a few copies of your app... otherwise it'll drive you crazy!

Depending on how much does your app costs, you may consider using a HardLock protection system, thats is far more professional... I use www.rainbow.com keys on my apps, here in Brazil a key is about US$ 45.00

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

I've used two methods in the software that I've developed so far:
 1) Used a hardware dongle - the system by itself was for the high end market which makes the cost a non-issue.
 2) checked system info and generated a unique key based on that. The user would connect to a website that would use that key to generate a password for the user and then store the password so that it was useless if tried again.

I've found that the 2nd method worked pretty good in most instances - I had 13000 users on running the system.

Hope you get your answer.
You simply cannot protect an application unless you control the hardware it will be run on!

Even Microsoft cannot do it.

The closest you can come is a hardware dongle thingy OR a modified floppy or CD that is used as a key

You can damage a floppy and use that as a key... it will be very hard to damage another one in exactly the same way... so you just have your program check for the correct damage...same with a cd... damage a cd and check for the damage. Of course a hacker can pick through your application and edit out the check code... just have many instances of check code...and have some of them hit randomly and some hit on future dates.. This way the hacked copies will keep failing :-)  and maybe a lot of users of the cracked apps will have become accustomed to using it and will just cave in and buy it when the cracked copy fails. (be sure and pop up a message saying it failed because it is cracked or they may think the software is just buggy :-)

Using this sort of scheme will make each copy of your app unique... hackers will try to get several copies and compare tham and look for the differences to find clues to help them write a crack.

I'd have lots of differences! make sure the cracker has a LOT to weed through!

good luck...
tongaliteAuthor Commented:
Loads of interesting stuff to think about.
Thanks everybody for your thoughts and responses.
Now comes the hard bit of awarding the points :)

I'll rest on it

tongaliteAuthor Commented:
thanks for your input.
Regarding part 2 of your solution... I would be grateful if you could mail me further details on how to implement that. I have my own website so this is a good option for me. If you care to mail me anything at all, examples, articles or just about any info at all, I would be obliged.
If you don't have anything further to add... no big deal, I'll persue the info through Google
>> just have many instances of check code...
now i understand why simple EXEs are becoming >10Mb in size :)
Wow, the accpeted answer is the same as what I stated earlier.

Boned again.
tongaliteAuthor Commented:
Hey YodaMage!

Sorry ya feel boned :-))))
How about I award you some points as well? I didn't really compare the comments that closely and I want to be fair.

Keep your eye out for the points :)
I think you better turn to some cheap dongle based solutions, and any other methoads are really difficult to make work properly in the situations you are speaking about.
In my company we use two methods of protection for our products - even for the same products depending on whom we have to ship our soft. But in any way if extra spents like 20-30 bucks for per copy protection is not vital for you (and your clients - mainly) - it's the best choice to use some dongle. Look here for more info, and some useful ideas on protection:

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now