473,224 Members | 1,391 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,224 software developers and data experts.

Storing secret code for all users

Hello,

We want to add a secret code which is the expiration date and the number of
uses of the trial software in storage. Saving this code in the Windows
Registry is not a good choice, because the user may not have access right.
Also adding it to IsolatedStorage is for one user and is not for all the
users. Eventhough I thought IsolatedStorage could help on this.

I am wondering how and where we could add the expiration date and number in
a safe place, so it will be hard for the user to find and delete that code.
Is there any other idea on how to manage the trail software expiration, so it
will expire at the specified date or the number of uses?

Regards,
--
Mike

Nov 27 '05 #1
8 1915
typically there are 2 places you hsould be able to write in all
circumstances:
- the registry hive for the application
- the aplication's app data directory

"Mike9900" <Mi******@discussions.microsoft.com> wrote in message
news:B2**********************************@microsof t.com...
Hello,

We want to add a secret code which is the expiration date and the number
of
uses of the trial software in storage. Saving this code in the Windows
Registry is not a good choice, because the user may not have access right.
Also adding it to IsolatedStorage is for one user and is not for all the
users. Eventhough I thought IsolatedStorage could help on this.

I am wondering how and where we could add the expiration date and number
in
a safe place, so it will be hard for the user to find and delete that
code.
Is there any other idea on how to manage the trail software expiration, so
it
will expire at the specified date or the number of uses?

Regards,
--
Mike

Nov 27 '05 #2
Registry Aplication Hive could be deleted by the user as well as the
application app directory. Is it possible to give an example code in both
cases? For me these two cases are not secure, but I see that Windows XP or
some other apps write in a secure place until they are activated. Where does
Windows write the key until it is activate?
--
Mike
"Lloyd Dupont" wrote:
typically there are 2 places you hsould be able to write in all
circumstances:
- the registry hive for the application
- the aplication's app data directory

"Mike9900" <Mi******@discussions.microsoft.com> wrote in message
news:B2**********************************@microsof t.com...
Hello,

We want to add a secret code which is the expiration date and the number
of
uses of the trial software in storage. Saving this code in the Windows
Registry is not a good choice, because the user may not have access right.
Also adding it to IsolatedStorage is for one user and is not for all the
users. Eventhough I thought IsolatedStorage could help on this.

I am wondering how and where we could add the expiration date and number
in
a safe place, so it will be hard for the user to find and delete that
code.
Is there any other idea on how to manage the trail software expiration, so
it
will expire at the specified date or the number of uses?

Regards,
--
Mike


Nov 27 '05 #3
> I am wondering how and where we could add the expiration date and
number in a safe place, so it will be hard for the user to find and
delete that code. Is there any other idea on how to manage the trail
software expiration, so it will expire at the specified date or the
number of uses?

Store the data in the application's registry hive, and require the key to
be present for the application to start. To stop users from changing the
expiration date you can use the Cryptography classes to calculate a hash
for the expiration data.

Anders Norås
http://dotnetjunkies.com/weblog/anoras/
Nov 27 '05 #4
In this case you don't have reinvent the wheel. Check out
sharewarestarterkit.com.

--
William Stacey [MVP]

"Mike9900" <Mi******@discussions.microsoft.com> wrote in message
news:B2**********************************@microsof t.com...
Hello,

We want to add a secret code which is the expiration date and the number
of
uses of the trial software in storage. Saving this code in the Windows
Registry is not a good choice, because the user may not have access right.
Also adding it to IsolatedStorage is for one user and is not for all the
users. Eventhough I thought IsolatedStorage could help on this.

I am wondering how and where we could add the expiration date and number
in
a safe place, so it will be hard for the user to find and delete that
code.
Is there any other idea on how to manage the trail software expiration, so
it
will expire at the specified date or the number of uses?

Regards,
--
Mike

Nov 27 '05 #5
What if the user uninstall and then install the application? If the user
unistalls the application and then delete the application hive and then
install the application, it will add a new key to the registry upon
installation. We need a place in the registry that if the user uninstalls the
application and deletes the application hive it won't remove the secret key
or the expiration date.

By the application hive do you mean in the
HKEY_LOCAL_MACHINE\SOFTWARE\Company\Application ? or another place?

--
Mike
"Anders Norås" wrote:
I am wondering how and where we could add the expiration date and
number in a safe place, so it will be hard for the user to find and
delete that code. Is there any other idea on how to manage the trail
software expiration, so it will expire at the specified date or the
number of uses?

Store the data in the application's registry hive, and require the key to
be present for the application to start. To stop users from changing the
expiration date you can use the Cryptography classes to calculate a hash
for the expiration data.

Anders Norås
http://dotnetjunkies.com/weblog/anoras/

Nov 27 '05 #6
WRH
Hello

Perhaps writing encrypted values in the registry not during
installation but upon first startup and in two locations, one not
associated with the app. I believe the only way to delete it would
be a registry edit of both locations. I realize that the keys would
be left over if the app is uninstalled and thus the app would not
be a good registry citizen but its hard to come up with
reasonably secure means.


"Mike9900" <Mi******@discussions.microsoft.com> wrote in message
news:B2**********************************@microsof t.com...
Hello,

We want to add a secret code which is the expiration date and the number
of
uses of the trial software in storage. Saving this code in the Windows
Registry is not a good choice, because the user may not have access right.
Also adding it to IsolatedStorage is for one user and is not for all the
users. Eventhough I thought IsolatedStorage could help on this.

I am wondering how and where we could add the expiration date and number
in
a safe place, so it will be hard for the user to find and delete that
code.
Is there any other idea on how to manage the trail software expiration, so
it
will expire at the specified date or the number of uses?

Regards,
--
Mike

Nov 27 '05 #7
Sounds nice, but does anyone knows of any algorithm I can use for this purpose?
--
Mike
"WRH" wrote:
Hello

Perhaps writing encrypted values in the registry not during
installation but upon first startup and in two locations, one not
associated with the app. I believe the only way to delete it would
be a registry edit of both locations. I realize that the keys would
be left over if the app is uninstalled and thus the app would not
be a good registry citizen but its hard to come up with
reasonably secure means.


"Mike9900" <Mi******@discussions.microsoft.com> wrote in message
news:B2**********************************@microsof t.com...
Hello,

We want to add a secret code which is the expiration date and the number
of
uses of the trial software in storage. Saving this code in the Windows
Registry is not a good choice, because the user may not have access right.
Also adding it to IsolatedStorage is for one user and is not for all the
users. Eventhough I thought IsolatedStorage could help on this.

I am wondering how and where we could add the expiration date and number
in
a safe place, so it will be hard for the user to find and delete that
code.
Is there any other idea on how to manage the trail software expiration, so
it
will expire at the specified date or the number of uses?

Regards,
--
Mike


Nov 28 '05 #8
Most times it is done with a public/private key pair. The server signs a
license (full, or trial) and the license has an expire date and license
type - among other fields you want to track. This could be just a simple
xml file in plain text. The signature could only be signed with your
private key at your server site. Then distro the license files as needed
(purchased, etc). If the user does not have a valid license file, your
program stays in eval mode (for example.) So absence or presents of a
license file is the controlling factor, not some reg key that you can't
really hide anyway. The program verifies the license and signature using
the public key. It gets a bit more complex as now this license will work
for anyone. So you also want to factor in a machine hash so that means they
need to send you a machine hash (that your program calculates) and that is
stored in the license. The program also verifies the machine hash in
license against a new machine hash that calculated at each startup to see if
they match. Simple in the abstract, but the devil is in all those details.
That is why I pointed you to the MS code that already does all this for you.

--
William Stacey [MVP]

"Mike9900" <Mi******@discussions.microsoft.com> wrote in message
news:48**********************************@microsof t.com...
Sounds nice, but does anyone knows of any algorithm I can use for this
purpose?
--
Mike
"WRH" wrote:
Hello

Perhaps writing encrypted values in the registry not during
installation but upon first startup and in two locations, one not
associated with the app. I believe the only way to delete it would
be a registry edit of both locations. I realize that the keys would
be left over if the app is uninstalled and thus the app would not
be a good registry citizen but its hard to come up with
reasonably secure means.


"Mike9900" <Mi******@discussions.microsoft.com> wrote in message
news:B2**********************************@microsof t.com...
> Hello,
>
> We want to add a secret code which is the expiration date and the
> number
> of
> uses of the trial software in storage. Saving this code in the Windows
> Registry is not a good choice, because the user may not have access
> right.
> Also adding it to IsolatedStorage is for one user and is not for all
> the
> users. Eventhough I thought IsolatedStorage could help on this.
>
> I am wondering how and where we could add the expiration date and
> number
> in
> a safe place, so it will be hard for the user to find and delete that
> code.
> Is there any other idea on how to manage the trail software expiration,
> so
> it
> will expire at the specified date or the number of uses?
>
> Regards,
> --
> Mike
>


Nov 28 '05 #9

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Francisco | last post by:
I have this problem: I have a database with information about games, and users are able to vote for them. Everytime a user votes for a game I store the unique game name into a session variable (an...
3
by: Sean | last post by:
HI, I have a shopping cart in which I am trying to use breadcrumb style navgiation. I need to be able to display the categroy heading relating to the section of the site a visitor is using i.e...
3
by: Peter Hardy | last post by:
Hi guys, Sorry for the cross-post but I got no response in the asp.net newsgroup. I am trying to develop a mini e-learning application where the user provides content for each page....
5
by: - Steve - | last post by:
I have a website that uses forms based authentication. In the logon.aspx page a user enters a username and password. It is then authenticated against Active Directory. After that point on any...
5
by: Morten Mikkelsen | last post by:
Hi, On my SQL Server 2000, I have a table of data (tblAllData) containing a number of columns, some of which are 'secret'. I have to let some users access the database using ODBC from an Excel...
6
by: (PeteCresswell) | last post by:
User wants to go this route instead of storing pointers in the DB and the documents outside. Only time I tried it was with only MS Word docs - and that was a loooong time ago - and it seemed to...
5
by: per9000 | last post by:
Hi all, I want to create an encryption program and started thinking about not storing sensitive information in the memory since I guess someone might steal my computer an scan my memory. So I...
1
by: webcm123 | last post by:
I'm looking for a good method of securing ratings. Cookies lock isn't sufficient. In addition to cookies I would need something else. I'm introducing some ways. -= Storing rates inside seperate...
3
by: Eric Wertman | last post by:
I've a number of scripts set up that require a username/password combination to log in elsewhere. It's gotten to the point where I need to keep them in a more secure location, instead of just in...
1
isladogs
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
0
by: veera ravala | last post by:
ServiceNow is a powerful cloud-based platform that offers a wide range of services to help organizations manage their workflows, operations, and IT services more efficiently. At its core, ServiceNow...
0
by: VivesProcSPL | last post by:
Obviously, one of the original purposes of SQL is to make data query processing easy. The language uses many English-like terms and syntax in an effort to make it easy to learn, particularly for...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
0
by: jianzs | last post by:
Introduction Cloud-native applications are conventionally identified as those designed and nurtured on cloud infrastructure. Such applications, rooted in cloud technologies, skillfully benefit from...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
2
by: jimatqsi | last post by:
The boss wants the word "CONFIDENTIAL" overlaying certain reports. He wants it large, slanted across the page, on every page, very light gray, outlined letters, not block letters. I thought Word Art...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.