Hey folks -
I'm working on an access database that I'm hoping to be able to sell to
small/medium sized business. I would like to do some trial and demoing, but
I'm worried about client's ability to undo the security measure that I put
in place. Specifically, I know that holding the 'shift' key disables all
startup options on launch, so that cancels any ability I have to shut down a
time-period demo.
How have you done it?
Steve 25 1551
"Steve Lefevre" <le********@osu.edu> wrote in
news:br**********@charm.magnus.acs.ohio-state.edu: Hey folks -
I'm working on an access database that I'm hoping to be able to sell to small/medium sized business. I would like to do some trial and demoing, but I'm worried about client's ability to undo the security measure that I put in place. Specifically, I know that holding the 'shift' key disables all startup options on launch, so that cancels any ability I have to shut down a time-period demo.
How have you done it?
I haven't. I don't. And it's unlikely that I will. What part of my
delivered applications has been stolen? None of which I am aware.
What about code that I've posted here? Some of it has appeared verbatim,
or thinly disguised, as the creation of someone else. Some of the basic
concepts I !!!!believe!!!! that I may have introduced seem to underlie
others' original work. I saw a website the other day which cited "their"
capability in writing a bit of tricky code that, actually, I wrote for
them. But am I right? I don't know, because parallel thinking often occurs
here, prompted by some thread or recurring theme in this newsgroup. So do
I lie awake worrying about this? No!
Am I angry? No!
Am I hungry? No!
Thieves can worry about thievery. I will worry about work.
And I never protect the user from himself/herself. You want to mess the
thing up? Be my guest! Right now it's a hundred bucks for me to show up
and a hundred for each hour, minimum $400.
Use it right and enjoy it. Use it wrong and be responsible for what you
have done.
Why am I being long-winded here? It's on purpose. We need (maybe) some
humongous big controversial thread that will so dominate the group for a
few weeks that EVERYTHING ELSE will be ignored.
--
Lyle
(for e-mail refer to http://ffdba.com/contacts.htm)
"Lyle Fairfield" <Mi************@Invalid.Com> wrote in message
news:Xn*******************@130.133.1.4... "Steve Lefevre" <le********@osu.edu> wrote in news:br**********@charm.magnus.acs.ohio-state.edu:
I haven't. I don't. And it's unlikely that I will. What part of my delivered applications has been stolen? None of which I am aware.
That's the problem. I want to make money. I've dealt with enough business
people to know that they will take every advantage they can. I want to be
aware of someone using my program without paying me.
"We used your app; it did some of what we want, but we're not interested in
purchasing it".
I've been the computer field long enough to know that nobody pays for
software when they don't have to. I want to make them have to, if they are
using it.
<snip> Am I angry? No! Am I hungry? No!
I am not angry, but I am kind of hungry lately, and a little bit thinner
than I used to be a few months ago. Apparently you are in a better financial
position than I am in right now. Maybe in a few years I can afford not to
worry about someone using my work for free, but right now, I can't. I really
need the money. And if people are benefitting from my work, I see no reason
why they shouldn't pay me. Thieves can worry about thievery. I will worry about work.
Now all that unregistered shareware is coming back to haunt me !!! No!!!! ;) And I never protect the user from himself/herself. You want to mess the thing up? Be my guest! Right now it's a hundred bucks for me to show up and a hundred for each hour, minimum $400.
Actually, that's not a bad idea! Use it right and enjoy it. Use it wrong and be responsible for what you have done.
Why am I being long-winded here? It's on purpose. We need (maybe) some humongous big controversial thread that will so dominate the group for a few weeks that EVERYTHING ELSE will be ignored. \
I appreciate your opinion.
Steve Lefevre wrote: Hey folks -
I'm working on an access database that I'm hoping to be able to sell to small/medium sized business. I would like to do some trial and demoing, but I'm worried about client's ability to undo the security measure that I put in place. Specifically, I know that holding the 'shift' key disables all startup options on launch, so that cancels any ability I have to shut down a time-period demo.
How have you done it?
Steve
It sounds like you've got a bit of reading to do. Download and read the
Access Security FAQ which details a bit of code you can use to stop the user
shift key bypassing the startup options.
And search the archives of this group at Google Groups for many an
interesting conversation regarding this subject.
Thank you Lyle, for the diversion. One question though:
You wrote ... others' original work. I saw a website the other day which cited "their" capability in writing a bit of tricky code that, actually, I wrote for them.
I have the greatest respect for you and I hope I'm not the culprit, but
over the years I've picked up stuff and sometimes forget where I learned
it. In the course of writing articles, I try to recall these things to give
credit where credit is due.
At any rate, if I failed to give you (or anyone, for that matter) credit
for code I've used in posts, articles or at my web site, I apologize.
Be assured it's an oversight, not ingratitude.
--
Danny J. Lesandrini dl*********@hotmail.com http://amazecreations.com/datafast
"Steve Lefevre" <le********@osu.edu> wrote in message
news:br**********@charm.magnus.acs.ohio-state.edu... Hey folks -
I'm working on an access database that I'm hoping to be able to sell to small/medium sized business. I would like to do some trial and demoing,
but I'm worried about client's ability to undo the security measure that I put in place. Specifically, I know that holding the 'shift' key disables all startup options on launch, so that cancels any ability I have to shut down
a time-period demo.
Expand your horizons.
Don't use Access.
Use Jet for the database if you like.
Just don't use Access for your application.
How about Java?
Then you can sell it to Linux, Unix, Mac, etc. users as well.
Write once. Run anywhere.
That's the ticket.
"Lyle Fairfield" <Mi************@Invalid.Com> wrote in message
news:Xn*******************@130.133.1.4... What about code that I've posted here?
Stored in a folder called 'LylesShit'.
At least thats where it is on my system.
"rkc" <rk*@yabba.dabba.do.rochester.rr.nope> wrote in message
news:Kn******************@twister.nyroc.rr.com...
Expand your horizons. Don't use Access. Use Jet for the database if you like. Just don't use Access for your application.
How about Java? Then you can sell it to Linux, Unix, Mac, etc. users as well. Write once. Run anywhere. That's the ticket.
Now you're talking about turning a 80-hour project into a 500-hour project.
I know Access and I can make stuff that's useable, which means sellable. I
don't know Java, and I would start off by making crappy software, and it
would take quite a long time to get to where I am now with Access.
Steve,
You can put a lot of effort in trying to prevent .... but,
just make sure your demo doesn't work too long ...
In your mainform:
If Date >= ExpireDate then
Msgbox "Bye, Demo has expired."
Application.Quit
End if
It's unlikely that users will change the systemdate.
If they are willing to do this, let them ...
they are not going to be a paying client IMO
--
Hope this helps
Arno R
"Steve Lefevre" <le********@osu.edu> schreef in bericht
news:br**********@charm.magnus.acs.ohio-state.edu... Hey folks -
I'm working on an access database that I'm hoping to be able to sell to small/medium sized business. I would like to do some trial and demoing, but I'm worried about client's ability to undo the security measure that I put in place. Specifically, I know that holding the 'shift' key disables all startup options on launch, so that cancels any ability I have to shut down a time-period demo.
How have you done it?
Steve
"rkc" <rk*@yabba.dabba.do.rochester.rr.nope> wrote in news:PsIDb.23101
$J*******@twister.nyroc.rr.com: "Lyle Fairfield" <Mi************@Invalid.Com> wrote in message news:Xn*******************@130.133.1.4... What about code that I've posted here?
Stored in a folder called 'LylesShit'.
Well-named; I can always count on you to bring some reality to my rantings. I
value that.
--
Lyle
(for e-mail refer to http://ffdba.com/contacts.htm)
"Danny J. Lesandrini" <dl*********@hotmail.com> wrote in
news:br************@ID-82595.news.uni-berlin.de: Thank you Lyle, for the diversion. One question though:
You wrote ... others' original work. I saw a website the other day which cited "their" capability in writing a bit of tricky code that, actually, I wrote for them.
I have the greatest respect for you and I hope I'm not the culprit, but over the years I've picked up stuff and sometimes forget where I learned it. In the course of writing articles, I try to recall these things to give credit where credit is due.
At any rate, if I failed to give you (or anyone, for that matter) credit for code I've used in posts, articles or at my web site, I apologize. Be assured it's an oversight, not ingratitude.
Never you.
--
Lyle
(for e-mail refer to http://ffdba.com/contacts.htm)
"Arno R" <ar****************@tiscali.nl> wrote in message
news:3f**********************@dreader2.news.tiscal i.nl... Steve, You can put a lot of effort in trying to prevent .... but, just make sure your demo doesn't work too long ...
In your mainform: If Date >= ExpireDate then Msgbox "Bye, Demo has expired." Application.Quit End if
Isn't this easily removable by 1.holding shift to disable startup options
and 2. going into the vba editor and removing it?
On Tue, 16 Dec 2003 16:41:37 -0500, "nntp.service.ohio-state.edu"
<le********@osu.edu> wrote: "Arno R" <ar****************@tiscali.nl> wrote in message news:3f**********************@dreader2.news.tisca li.nl... Steve, You can put a lot of effort in trying to prevent .... but, just make sure your demo doesn't work too long ...
In your mainform: If Date >= ExpireDate then Msgbox "Bye, Demo has expired." Application.Quit End if
Isn't this easily removable by 1.holding shift to disable startup options and 2. going into the vba editor and removing it?
Why distribute an MDB? Just hardcode the ExpireDate in a module and
distribute an MDE.
There are some third-party utilities out there that claim to do this, but I
know nothing about them. I distribute as an .mde file, with security on the
backend. I limit the number of records to xx, then when they decide to pay,
I email them a license "key", which they enter into their frontend, which
unlocks their frontends for unlimited use and unlimited records. I have, so
far, allowed unlimited users although I'm considering limiting the number
.... how to do that is another story.
Tony Toews has a good bit about this at his site: http://www.granite.ab.ca/access/demo.htm
Also, if you aren't sure how to disable the shiftkey, you are almost
certainly not ready to distribute Access apps to the general public ... not
to mean anything by this ... but there is a LOT more to remotely
distributing Access apps than copying a few files ... it is an art all in
itself!!
--
Scott McDaniel
CS Computer Software
Visual Basic - Access - Sql Server - ASP
"Steve Lefevre" <le********@osu.edu> wrote in message
news:br**********@charm.magnus.acs.ohio-state.edu... Hey folks -
I'm working on an access database that I'm hoping to be able to sell to small/medium sized business. I would like to do some trial and demoing,
but I'm worried about client's ability to undo the security measure that I put in place. Specifically, I know that holding the 'shift' key disables all startup options on launch, so that cancels any ability I have to shut down
a time-period demo.
How have you done it?
Steve
can you set up a terminal server with VPN / firewall...
and ship out a VPN client as your demo software..
and let the potential customer run the application MDE on your terminal server ?
"nntp.service.ohio-state.edu" <le********@osu.edu> wrote in message news:<br**********@charm.magnus.acs.ohio-state.edu>... "rkc" <rk*@yabba.dabba.do.rochester.rr.nope> wrote in message news:Kn******************@twister.nyroc.rr.com...
Expand your horizons. Don't use Access. Use Jet for the database if you like. Just don't use Access for your application.
How about Java? Then you can sell it to Linux, Unix, Mac, etc. users as well. Write once. Run anywhere. That's the ticket.
Now you're talking about turning a 80-hour project into a 500-hour project.
I know Access and I can make stuff that's useable, which means sellable. I don't know Java, and I would start off by making crappy software, and it would take quite a long time to get to where I am now with Access.
"Deano" <de*********@hotmail.com> wrote It sounds like you've got a bit of reading to do. Download and read the Access Security FAQ which details a bit of code you can use to stop the user shift key by- passing the startup options.
And, if the total cost of yours and all other Access software that the
particular person wants to use is less than US$150, then you won't have to
worry about them purchasing "password recovery" software and cracking Access
security. For all its apparent complexity, Access security is rather easy to
break.
And search the archives of this group at Google Groups for many an interesting conversation regarding this subject.
Yes, there are some. It is, in fact, possible to implement a limited trial
that can't be cracked easily, by putting limits on the amount of data and
enforcing those limits in code, and distributing an MDE. It's not that an
MDE _could not_ be cracked; you could purchase software to crack the VB4
equivalent. Still, we haven't heard of any MDE back to source, even crummy
source, software.
But, you should understand that another reason Lyle and others of us do not
bother overly much with security schemes is that an experienced Access
developer can re-create most any Access application in a relatively short
time just from watching it used. So limiting the extent of your trial
version may work, but it really will not protect your application.
I'd say this is one of the issues that kept me from ever being very
interested in distributing Access applications as shareware or commercial
software. I've only done paying work on "bespoke systems", tailored for an
individual customer, and also given away free quite a lot of things, mostly
examples rather than complet applications.
Good luck.
Larry Linson
Microsoft Access MVP
Do NOT click on the URL in the above post
--
Scott McDaniel
CS Computer Software
Visual Basic - Access - Sql Server - ASP
1. do not rely on access security, all usernames and passwords can be
cracked
2. if the restriction is date > systemdate, yes they will change the
systemdate to try to use it for free
3. my solution was to have the app phone home and authenticate
- it allows the user 3 uses w/o authenticating
- info about usage is stored in the registry
- if they cannot write to the registry then they have to authenticate
every time
- use an encrypted MDE and in the startup routine, have code like: If
Admin then End
John Bickmore www.BicycleCam.com www.Feed-Zone.com
"Jim Allensworth" <ji****@Notdatacentricsolutions.com> wrote in message
news:3f****************@news.west.earthlink.net... On Tue, 16 Dec 2003 16:41:37 -0500, "nntp.service.ohio-state.edu" <le********@osu.edu> wrote:
"Arno R" <ar****************@tiscali.nl> wrote in message news:3f**********************@dreader2.news.tisca li.nl... Steve, You can put a lot of effort in trying to prevent .... but, just make sure your demo doesn't work too long ...
In your mainform: If Date >= ExpireDate then Msgbox "Bye, Demo has expired." Application.Quit End if
Isn't this easily removable by 1.holding shift to disable startup options and 2. going into the vba editor and removing it?
Why distribute an MDB? Just hardcode the ExpireDate in a module and distribute an MDE.
On Wed, 17 Dec 2003 17:00:00 GMT, "xzzy" <mr********@comcast.net>
wrote: 1. do not rely on access security, all usernames and passwords can be cracked
Well, I don't know of any experienced developers who do rely on
security beyond keeping users from shooting themselves in the foot. 2. if the restriction is date > systemdate, yes they will change the systemdate to try to use it for free
Who cares if they are going to use a crippled app? I can't imagine
anyone allowing misdated invoices or purchase orders. 3. my solution was to have the app phone home and authenticate - it allows the user 3 uses w/o authenticating - info about usage is stored in the registry - if they cannot write to the registry then they have to authenticate every time - use an encrypted MDE and in the startup routine, have code like: If Admin then End
Phone home? I would never even take a look at an application that had
the restrictions that you mention. Demoware or shareware no matter.
- Jim
"xzzy" <mr********@comcast.net> wrote in news:jY%Db.415249$ao4.1348904
@attbi_s51: 3. my solution was to have the app phone home and authenticate - it allows the user 3 uses w/o authenticating - info about usage is stored in the registry - if they cannot write to the registry then they have to authenticate every time - use an encrypted MDE and in the startup routine, have code like: If Admin then End
This is very sad.
Who could work like this?
Would there be any joy in life where one did?
--
Lyle
(for e-mail refer to http://ffdba.com/contacts.htm)
"Jim Allensworth" <ji****@Notdatacentricsolutions.com> wrote in message
news:3f****************@news.west.earthlink.net...
(snip) Phone home? I would never even take a look at an application that had the restrictions that you mention. Demoware or shareware no matter.
Personally, I agree. But another reglar poster said in another group today
(I forget which), that he thinks this will happen more & more in future.
Obviously, DRM is here to stay. Since they can't protect their keys when
they are "coded in", there will surely be a push to obtain those keys at
runtime, over the net. That method, if it happens, will probably leak down
into application protection methods, in due course.
TC
"Jim Allensworth" <ji****@Notdatacentricsolutions.com> wrote in message
news:3f****************@news.west.earthlink.net... Phone home? I would never even take a look at an application that had the restrictions that you mention. Demoware or shareware no matter.
So, you don't use MS Offce 2k or later?
On Thu, 18 Dec 2003 11:10:01 -0500, "Steve Lefevre"
<le********@osu.edu> wrote: "Jim Allensworth" <ji****@Notdatacentricsolutions.com> wrote in message news:3f****************@news.west.earthlink.net.. . Phone home? I would never even take a look at an application that had the restrictions that you mention. Demoware or shareware no matter.
So, you don't use MS Offce 2k or later?
Only when I gotta. Few companies have the clout of MS. I noticed that
TurboTax (Symantec) dropped their online registration requirements
this year because of an uproar over it last year when they started
doing it.
I use a personal firewall to intercept and manage those issues.
It reminds me of spyware. It would be too tempting for a company to
"phone back" some sensitive information. As I recall there was/is an
issue with XP installations on medical systems because of the
potential security problems. I use XP Pro, but keep it under close
wraps - as close as I can.
I wouldn't put in a expire date. What some do is limit the records in
a key table. When it is paid for send them a front end without the
limitation.
- Jim
the app I wrote that phones home costs $5,000 to $8,000 a pop, depending on
the number of seats. no one has ever cared that it phones home to
authenticate
John Bickmore www.BicycleCam.com www.Feed-Zone.com
"Jim Allensworth" <ji****@Notdatacentricsolutions.com> wrote in message
news:3f****************@news.west.earthlink.net... On Thu, 18 Dec 2003 11:10:01 -0500, "Steve Lefevre" <le********@osu.edu> wrote:
"Jim Allensworth" <ji****@Notdatacentricsolutions.com> wrote in message news:3f****************@news.west.earthlink.net.. . Phone home? I would never even take a look at an application that had the restrictions that you mention. Demoware or shareware no matter.
So, you don't use MS Offce 2k or later?
Only when I gotta. Few companies have the clout of MS. I noticed that TurboTax (Symantec) dropped their online registration requirements this year because of an uproar over it last year when they started doing it.
I use a personal firewall to intercept and manage those issues.
It reminds me of spyware. It would be too tempting for a company to "phone back" some sensitive information. As I recall there was/is an issue with XP installations on medical systems because of the potential security problems. I use XP Pro, but keep it under close wraps - as close as I can.
I wouldn't put in a expire date. What some do is limit the records in a key table. When it is paid for send them a front end without the limitation.
- Jim
I'll swap you my app, for your app!
TC
"xzzy" <mr********@comcast.net> wrote in message
news:GnpEb.81850$8y1.287291@attbi_s52... the app I wrote that phones home costs $5,000 to $8,000 a pop, depending
on the number of seats. (snip)
For me, I simply use an MDE with a coded password saved in the system
which locks out the various screens from the user. Leave a screen
accessible for them to enter the code into. It would be very difficult
to work out how to change the password to enable the system to work
longer. It has a start and end date that it works out, but again, you
could probably get around this quite easily by changing the date of
the PC (although it will show incorrectly on the accounts and
reports).
Yes, the user can hold shift and get into the design view. MDE limits
access to code. OK, so this can be worked around, but the assumption I
work to is that if someone would go to the effort of doing this and
knew what they were doing, they would probably would have had a go at
this app themselves and wouldn't need me.
If anyone asked for the code, I'd happily give out examples, but like
to put a reasonable amount of effort into stopping them.
This is all until I can make enough money to justify buying either VB
or Delphi which I would prefer to have written it in.
If one person wrote it, someone else can crack it.
Ryan www.ryan.dial.pipex.com This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Yang Li Ke |
last post by:
Hi guys!
Anyone know a way so that users purchasing
my scripts would not be able to share them
with other people ?
Yang
|
by: Alan Sheehan |
last post by:
Hi pythonistas,
I am looking for methods of deploying applications with end users so
that the python code is tamper proof. What are my options ?
I understand I can supply .pyc or .pyo files...
|
by: Roland Hall |
last post by:
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
protecting images from linked to by other sites. There is a link at the
bottom of that page that references an interesting...
|
by: Jonathan Henderson |
last post by:
Obfuscators aren't only used for protecting intellectual property.
See the hacker demo at this link:
http://www.preemptive.com/documentation/NetHackerDemo.html
For those who don't know what...
|
by: John |
last post by:
Dear all,
I've got a security question that is so difficult that "maybe" there will be
no answer for it. It's regarding protecting asp code.
I did write some asp code, that I sell to...
|
by: netsurfer |
last post by:
hi..I'm working on a project that requires files to be password
protected on a UNIX based site. The people that own the web site want
to be able to change the password every so often. ...
|
by: Nick J |
last post by:
Hi,
How do I go about protecting my access database so that..
1) Nobody can edit any forms (reason being so nobody can remove the txt box
that states who developed it, change it to their name...
|
by: Shawn |
last post by:
Hi.
I have a folder that contains a lot of different documents. xls, .doc, .pdf
etc. Different users have access to different documents. The problem is
that if a user knows the name of a...
|
by: flit |
last post by:
Hello All,
I have a hard question, every time I look for this answer its get out
from the technical domain and goes on in the moral/social domain.
First, I live in third world with bad gov., bad...
|
by: xamman |
last post by:
hi there! according to msdn (link at bottom) i should be able to
protect a whole class declaratively as above. However i keep getting
'request for principal permissions failed' exceptions.
in...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |