• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Licences & trial concepts
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Licences & trial concepts


  • Subject: Re: Licences & trial concepts
  • From: Paul Forgey <email@hidden>
  • Date: Fri, 7 Apr 2006 23:06:37 -0700

I used to have a company that used a third party solution. And I work a little bit in cryptography so my view about these things is a bit critical.

There are many, many different ways to approach the problem but at the base of things it's a DRM issue. As such, it's cryptographically impossible to enforce (even with "trusted" hardware) as any solution you run at involves keeping a secret somewhere on the client's unrestricted machine. That's why copy protection never deters professional pirates. There's a lot of money to be made by claiming otherwise and selling black box solutions like dongles and wrappers. Some of these do work reasonable well for preventing the vast majority of casual infringement though. It's all about how hard you want to make it to reverse engineer.

If you do anything that talks to your web server, make it very clear what you are doing and why after asking the user. Otherwise you could be accused of "phoning home" behind the user's back.

#1 and #2 are probably the easiest and most effective ideas relative to the work involved in my opinion. There's very little stopping somebody from locating the call in your executable to the validation code and changing it.

On Apr 7, 2006, at 10:09 PM, Azza wrote:

Hi there everyone.

Im in the final stages of building a new application for osx in cocoa.

The next step for me is to develop a "30 day trial" and licence system
for... well... licencing :D

Theres a few concepts I had in mind:

* the tried and true, request a serial number, serial number is an encripted
timestamp or something telling the app when to exprire, but thats slow and
clunky for users who just want to use the application.
* the concept of creating a hash on my web server when the user first runs
the application, keeping that stored on both the server and the users
computer, so if they ever try to re-install after their time has run, the
server knows that they've run it before, and can boot'em... but that means
the user needs to have a net connection to run the app, and the type of app
it is renders that idea unsuitable
* i also pondered the idea of hiding the expiry timestamp somewhere really
tricky within the apps bundle, like, as meta data of the applications icon,
or embeded within some crazy file that the user wouldn't dare modify... Im
kinda thinking that may be the best way, BUT it does mean they can just
delete the bundle and download it again at any point to get an extra "30
days" etc...


Then I was thinking for the licence itself, there would be an encripted
string which would [ obviously ] mean something to the application and allow
it to run..


I'd take it some of you would have had to develop things like this before,
so I was wondering if you could give me some pointers/direction on what
you've learnt through the process...


Any help would be most appreciated.

Cheers
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden

_______________________________________________ Do not post admin requests to the list. They will be ignored. Cocoa-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
References: 
 >Licences & trial concepts (From: Azza <email@hidden>)

  • Prev by Date: [Moderator] Re: Licences & trial concepts
  • Next by Date: Re: Cocoa bindings performance
  • Previous by thread: [Moderator] Re: Licences & trial concepts
  • Next by thread: Re: Licences & trial concepts
  • Index(es):
    • Date
    • Thread