Solved

Hiding Trial Period Information

Posted on 2008-06-10
12
336 Views
Last Modified: 2010-04-21
Hi Experts,

Just a simple quick question. Where is the best place to hide the start date of the applications trial phase?
0
Comment
Question by:reynaldio
  • 4
  • 3
  • 3
  • +2
12 Comments
 
LVL 6

Expert Comment

by:JapyDooge
ID: 21750465
What i did in the past

A regkey with another name
md5 of install date (date only)

program starts and does md5 to the last 30 days in history in a while
as long as the md5 is not valid, its exceeded

offcourse u can use more than 30
0
 
LVL 18

Expert Comment

by:Johnjces
ID: 21751563
I have created a bizarre registry key that made little sense but only to me and then did a fairly simple encryption of the start and/or end date.

Generally under HKLM.

This by no means is fool proof but works for the majority of people and keeps most people honest.

John
0
 
LVL 13

Expert Comment

by:rfwoolf
ID: 21753872
...yes, but would that work in VISTA?
0
 
LVL 18

Expert Comment

by:Johnjces
ID: 21753916
Absolutely not UNLESS you have done all of the Vista UAC preparations, proper manifest, created a helper application or a COM dll to retrieve the information from that part of the registry.

Guess we should have stated works for XP and 2000 but Vista is a different "animal".

John
0
 
LVL 2

Expert Comment

by:Ustin19
ID: 21766416
Storing keys\trials in HKCR does search and freezing trial slower. For example, Ka$persky Antivirus V5 stored it's key information there
0
 
LVL 2

Author Comment

by:reynaldio
ID: 21768013
hi,

so it is common to put the information under windows registry.  i was thinking to put this information in a file and hide it in the windows system folder. is it a good idea?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 2

Expert Comment

by:Ustin19
ID: 21777453
it is easy to sniff all registry and file operations, but it is a few more hard to be not obfuscated by HKCR registry branch naming rules - and if application uses any COM\OLE, it becomes not so trivial. And if it will be polymorphian name (e.g. lastruntime depended, in advanced case - patching exe file with random value before start or using external checksum storage) - it will be good obfuscation for majority of lamers.
Maybe, some distructive code (it is very hard variant, use it only if program is semiprivate) solutions you choose
0
 
LVL 2

Accepted Solution

by:
Ustin19 earned 200 total points
ID: 21777487
next advice:
default value in registry is "" or not present.
Fill it during installation (xor, md5, GOSTR, RSA1024 as you wish of _installation_ date), then (at start) check encrypt(today), encrypt(today-1), ... encrypt(today-trialperiod) {it is not so long :) } and, if no of this functions returns true, assume end of trial period and delete storage for preventing of aposteriory analysists
0
 
LVL 2

Expert Comment

by:Ustin19
ID: 21777508
Combination of prewiours posts guarantee your exe from kiddies at all, but not from patching jmp to nop
0
 
LVL 18

Assisted Solution

by:Johnjces
Johnjces earned 200 total points
ID: 21779396
Here's a link that may help you out a bit more. It is a delphi.about.com article on the subject. MOre links, software and one free version that does quite a bit.

http://delphi.about.com/od/objectpascalide/a/aa012803a.htm

John
0
 
LVL 2

Author Comment

by:reynaldio
ID: 21779747
Hi all,

thank you for all your advices.
Johnjces -> thank you for the great links you gave me.
I have problems assigning the points since there are no right or wrong answers here.
but i'm gonna give the points to John for his links and Ustin19 for a more complete ideas :)

Thanks,

Reynaldi
0
 
LVL 2

Author Closing Comment

by:reynaldio
ID: 31465697
thanks guys :)
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Java DateChooser? 3 29
oracle 11g 23 50
I want to use librsync in my Delphi backup application. 3 30
Configure a Bean in an XML file 4 9
Introduction This article is the first of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article explains our test automation goals. Then rationale is given for the tools we use to a…
Java functions are among the best things for programmers to work with as Java sites can be very easy to read and prepare. Java especially simplifies many processes in the coding industry as it helps integrate many forms of technology and different d…
Viewers learn about the “for” loop and how it works in Java. By comparing it to the while loop learned before, viewers can make the transition easily. You will learn about the formatting of the for loop as we write a program that prints even numbers…
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now