Unique to one system application

Posted on 2002-06-26
Last Modified: 2010-05-18
Hi all,

My intention is to burn my application onto CDs when I'm ready to distribute it.
Each CD will contain a 'unique to one machine application'  - So that my app will only work on that one user's system. Of course this will rely on me sending the prospective buyer/user a small exe to read in the BIOS or HDD serial. They would then e-mail me the BIOS/HDD# and then I would custom write that number into the unique application instance then burn the resulting app onto CD. This would be a simple way to stop the app being given to friends and neighbors etc. Trouble is, it includes a few steps to implement everything.

Can anybody offer any advice about the method I'm planning? Or, if indeed such a ploy is logical and/or feasible? Perhaps there's a simpler way that you might know of and wish to share. Any info will be appreciated.

I see potential problems with this specific system deployment... Supposing the user buys a new HDD or changes systems, the app would then not work. The user could ask me for another serial #, which in effect could be for his friends PC ;-) Any thoughts on this?

Please don't just redirect me to websites offering security components... I can Google my way to those myself. I want to get first hand info from the EE fraternity :-)
(BTW,I have seen the earlier post and URL pointing to TurboPower ProActivate)

Question by:tongalite

Expert Comment

ID: 7110596
First, I would dump the first executable pulling your unique ID's for you to burn into the executable. This is more trouble than it is worth. Instead, include in your application an algorithm which:

A) Builds two codes based on the internal components you list, neither of which is stored

Have the users install and run application which would then check an .ini file or database for the second code, which if found would allow normal startup. If the second code is not found, or the written version of the second code does not match the second code generated dynamically, then display the first code and prompt user for the second. The first code could be emailed, faxed, phoned, etc... to you, or you could even just put up a web page to have people register and submit code 'A'. Have an application on your end which will generate the correct code 'B' when 'A' is input.

Hope that makes sense to you.

As far as the user replacing HW, that is always going to be an issue, though through the registration process required to acquire activation code you do have a binding EULA as well as having some personal info on the original user you can try to use to verify that user is valid.  

Expert Comment

ID: 7110682
IMHO, forget it.
First, you cannot enforce it because any part can be replaced.
Second, if I buy a piece of software I want it to run on any of my machines.

If you implement such restrictions you will simply have no users.

Just my 2c.

Expert Comment

ID: 7110692
This kind of protection may work if you intend to sell a few copies of your app... otherwise it'll drive you crazy!

Depending on how much does your app costs, you may consider using a HardLock protection system, thats is far more professional... I use keys on my apps, here in Brazil a key is about US$ 45.00

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.


Accepted Solution

jfvd earned 50 total points
ID: 7111453
I've used two methods in the software that I've developed so far:
 1) Used a hardware dongle - the system by itself was for the high end market which makes the cost a non-issue.
 2) checked system info and generated a unique key based on that. The user would connect to a website that would use that key to generate a password for the user and then store the password so that it was useless if tried again.

I've found that the 2nd method worked pretty good in most instances - I had 13000 users on running the system.

Hope you get your answer.

Expert Comment

ID: 7111800
You simply cannot protect an application unless you control the hardware it will be run on!

Even Microsoft cannot do it.

The closest you can come is a hardware dongle thingy OR a modified floppy or CD that is used as a key

You can damage a floppy and use that as a key... it will be very hard to damage another one in exactly the same way... so you just have your program check for the correct damage...same with a cd... damage a cd and check for the damage. Of course a hacker can pick through your application and edit out the check code... just have many instances of check code...and have some of them hit randomly and some hit on future dates.. This way the hacked copies will keep failing :-)  and maybe a lot of users of the cracked apps will have become accustomed to using it and will just cave in and buy it when the cracked copy fails. (be sure and pop up a message saying it failed because it is cracked or they may think the software is just buggy :-)

Using this sort of scheme will make each copy of your app unique... hackers will try to get several copies and compare tham and look for the differences to find clues to help them write a crack.

I'd have lots of differences! make sure the cracker has a LOT to weed through!

good luck...

Author Comment

ID: 7112421
Loads of interesting stuff to think about.
Thanks everybody for your thoughts and responses.
Now comes the hard bit of awarding the points :)

I'll rest on it


Author Comment

ID: 7112999
thanks for your input.
Regarding part 2 of your solution... I would be grateful if you could mail me further details on how to implement that. I have my own website so this is a good option for me. If you care to mail me anything at all, examples, articles or just about any info at all, I would be obliged.
If you don't have anything further to add... no big deal, I'll persue the info through Google

Expert Comment

ID: 7113008
>> just have many instances of check code...
now i understand why simple EXEs are becoming >10Mb in size :)

Expert Comment

ID: 7113576
Wow, the accpeted answer is the same as what I stated earlier.

Boned again.

Author Comment

ID: 7113760
Hey YodaMage!

Sorry ya feel boned :-))))
How about I award you some points as well? I didn't really compare the comments that closely and I want to be fair.

Keep your eye out for the points :)

Expert Comment

ID: 7949329
I think you better turn to some cheap dongle based solutions, and any other methoads are really difficult to make work properly in the situations you are speaking about.
In my company we use two methods of protection for our products - even for the same products depending on whom we have to ship our soft. But in any way if extra spents like 20-30 bucks for per copy protection is not vital for you (and your clients - mainly) - it's the best choice to use some dongle. Look here for more info, and some useful ideas on protection:


Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
Introduction I have seen many questions in this Delphi topic area where queries in threads are needed or suggested. I know bumped into a similar need. This article will address some of the concepts when dealing with a multithreaded delphi database…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question