Solved

Hiding Trial Period Information

Posted on 2008-06-10
12
337 Views
Last Modified: 2010-04-21
Hi Experts,

Just a simple quick question. Where is the best place to hide the start date of the applications trial phase?
0
Comment
Question by:reynaldio
  • 4
  • 3
  • 3
  • +2
12 Comments
 
LVL 6

Expert Comment

by:JapyDooge
ID: 21750465
What i did in the past

A regkey with another name
md5 of install date (date only)

program starts and does md5 to the last 30 days in history in a while
as long as the md5 is not valid, its exceeded

offcourse u can use more than 30
0
 
LVL 18

Expert Comment

by:Johnjces
ID: 21751563
I have created a bizarre registry key that made little sense but only to me and then did a fairly simple encryption of the start and/or end date.

Generally under HKLM.

This by no means is fool proof but works for the majority of people and keeps most people honest.

John
0
 
LVL 13

Expert Comment

by:rfwoolf
ID: 21753872
...yes, but would that work in VISTA?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 18

Expert Comment

by:Johnjces
ID: 21753916
Absolutely not UNLESS you have done all of the Vista UAC preparations, proper manifest, created a helper application or a COM dll to retrieve the information from that part of the registry.

Guess we should have stated works for XP and 2000 but Vista is a different "animal".

John
0
 
LVL 2

Expert Comment

by:Ustin19
ID: 21766416
Storing keys\trials in HKCR does search and freezing trial slower. For example, Ka$persky Antivirus V5 stored it's key information there
0
 
LVL 2

Author Comment

by:reynaldio
ID: 21768013
hi,

so it is common to put the information under windows registry.  i was thinking to put this information in a file and hide it in the windows system folder. is it a good idea?
0
 
LVL 2

Expert Comment

by:Ustin19
ID: 21777453
it is easy to sniff all registry and file operations, but it is a few more hard to be not obfuscated by HKCR registry branch naming rules - and if application uses any COM\OLE, it becomes not so trivial. And if it will be polymorphian name (e.g. lastruntime depended, in advanced case - patching exe file with random value before start or using external checksum storage) - it will be good obfuscation for majority of lamers.
Maybe, some distructive code (it is very hard variant, use it only if program is semiprivate) solutions you choose
0
 
LVL 2

Accepted Solution

by:
Ustin19 earned 200 total points
ID: 21777487
next advice:
default value in registry is "" or not present.
Fill it during installation (xor, md5, GOSTR, RSA1024 as you wish of _installation_ date), then (at start) check encrypt(today), encrypt(today-1), ... encrypt(today-trialperiod) {it is not so long :) } and, if no of this functions returns true, assume end of trial period and delete storage for preventing of aposteriory analysists
0
 
LVL 2

Expert Comment

by:Ustin19
ID: 21777508
Combination of prewiours posts guarantee your exe from kiddies at all, but not from patching jmp to nop
0
 
LVL 18

Assisted Solution

by:Johnjces
Johnjces earned 200 total points
ID: 21779396
Here's a link that may help you out a bit more. It is a delphi.about.com article on the subject. MOre links, software and one free version that does quite a bit.

http://delphi.about.com/od/objectpascalide/a/aa012803a.htm

John
0
 
LVL 2

Author Comment

by:reynaldio
ID: 21779747
Hi all,

thank you for all your advices.
Johnjces -> thank you for the great links you gave me.
I have problems assigning the points since there are no right or wrong answers here.
but i'm gonna give the points to John for his links and Ustin19 for a more complete ideas :)

Thanks,

Reynaldi
0
 
LVL 2

Author Closing Comment

by:reynaldio
ID: 31465697
thanks guys :)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
The viewer will learn how to implement Singleton Design Pattern in Java.
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question