Re: Licences 101 - Copy Protection for Newbies
Re: Licences 101 - Copy Protection for Newbies
- Subject: Re: Licences 101 - Copy Protection for Newbies
- From: Mike Davis <email@hidden>
- Date: Mon, 23 Sep 2002 19:37:48 +0100
Or you could get SafeDisc for MacOS X if you want an off the self
solution.
On Monday, September 23, 2002, at 06:57 PM,
email@hidden wrote:
Date: Mon, 23 Sep 2002 11:08:27 -0400
To: Cocoa-Dev Apple <email@hidden>
From: Peter Sichel <email@hidden>
Subject: Re: Licences 101 - Copy Protection for Newbies
I think you have the basics below. I would offer some possible
refinements based on my experience:
(1) If you use a key checking algorithm (some hash of the users
name, organization, date, etc...) do not include the code
needed to generate valid keys within the software you supply to
customers. You can avoid this by encrypting the generated key
and then decrypting it in your application before applying
your key checking algorithm.
(2) If your registration keys are distributed electronically, consider
using an XML plist file as your registration key.
The user simply places the file in the same folder as the
application,
or copies (drags) the entire contents to a designated input field.
[You want the user to do as little typing as possible.]
The plist format gives you the flexibility to evolve your
registration mechanism as needed by adding expiration dates,
hardware identifiers, or stronger cryptography if desired.
Reading or writing the registration data to or from an
NSDictionary is a single line of code. Once in dictionary
form, checking or modifying registration attributes is easy.
(3) If you want to offer a fully functional trial period, on the
first run calculate an expiration date some time in the
future and write this date in a few different places on
the users hard drive. On subsequent runs, check each location
and use the earliest expiration date found. [People will often
try deleting preferences files to reset the trial]
(4) Do not try to roll your own encryption scheme or cryptography.
There are many good techniques widely available (consider SHA1
for hashing). Designing such algorithms is an advanced art.
(5) Even the best systems can be problematic for some customers
so think ahead how you will help them. If a customer has trouble
getting their registration key in time (check in the mail, etc.),
we send them a temporary 21-day key right away while we sort out
any registration problems.
(6) Tell your story. Let people know you are a real person
who works and needs to make a living. Explain your
protection system (without giving away any secret keys).
If your scheme phones home or sends an email, inform users up
front that's what the software is about to do and give them
a way to cancel. Users are more likely to pay for software
from an honest and trustworthy developer.
Enjoy!
- Peter
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.