Re: Protecting Software w/ Software License Keys...
Re: Protecting Software w/ Software License Keys...
- Subject: Re: Protecting Software w/ Software License Keys...
- From: "Erik J. Barzeski" <email@hidden>
- Date: Mon, 17 Jun 2002 16:09:53 -0400
Hi,
There are a few problems I could foresee, the first of which involves the
overhead and infrastructure necessary to have this back-and-forth process
(time, money, effort, problems) as well as the fact that not every Mac has a
serial number.
Besides, a cracker will get around this in a matter of days... And you're
back to the same old "just try to get the honest people to pay" but in this
case, I'd add "but don't piss them off with a cumbersome process."
On 6/17/02 4:03pm, "Kyle Moffett" <email@hidden> wrote:
>
I have been thinking about the problems with this for
>
some time and I figured out a fairly smart shareware
>
registration scheme:
>
>
1) The developer generates their own private key,
>
and hides it on their hard disk. They take the public
>
key that matches it, and include it as a resource
>
inside the program. It doesn't matter if the public key
>
is obtained by a hacker, because of the nature of
>
public-private key cryptography.
>
>
2) The developer distributes their program along
>
with an additional registration program. The
>
registration program asks the user for their name
>
and organization. The user is asked how many
>
computers they wish to register.
>
1) Program detects and/or asks for the serial
>
number of the machine.
>
>
2 and up) Program detects/asks for the serial
>
number, saves it to a file, and tells the user
>
to run the program on all the remaining
>
machines with the same file, or enter all the
>
remaining serial numbers.
>
>
Unlimited license) Program records that fact.
>
>
3) The data recorded by the program is sent to the
>
developer by whatever means available, email,
>
web site, snail-mail, etc. The developer/automated
>
web site charges the customer for whatever amount,
>
based on the number of computers registered, and
>
uses the given private key to encrypt the request
>
before sending the data back to the user by the
>
same means.
>
>
4) The registration program stores the encrypted
>
data in the system preferences.
>
>
5) When the shareware program is run, it checks
>
the preferences for the data, and if it is present,
>
attempts to decrypt it using the public key. If the
>
decryption is a success, then the program checks
>
the serial number stored within against the one it
>
obtains from the system, and if it is equal, the
>
application enables the additional features.
>
>
Of course, the entire registration system should be
>
carefully linked statically in the application, and
>
should be completely C routines, with extra care
>
in ensuring that it would take a lot of work to tinker
>
with the memory used by the system or substitute
>
other code for it. Ideally all the locked processing
>
functions would have a C call to ensure the app
>
is registered.
>
--
Kindest regards,
Erik J. Barzeski
"It ain't braggin' if you can do it."
-- Dizzy Dean, 1930's baseball player
###################################################################
Email: erik@(anything below) AIM: iacas
http://iacas.org http://weims.net
http://techstra.net http://barzeski.com
http://cocoadevcentral.com http://soundsetcentral.com
http://freshlysqueezedsoftware.com http://applescriptcentral.com
###################################################################
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.