469,631 Members | 1,776 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,631 developers. It's quick & easy.

Store date permanently

Hi, I'm writing an activation system for a software, which allows a 15 days
grace period. Now the question is... how can I store the date? It has to be
kept even if the software is reinstalled, and it must not be too easy to
find/delete. I could write a hidden file somewhere in the system or hide it
in the registry, but if it is a limited XP account, I'm quite limited. Any
genious idea!? I tried Isolated Storage, but just moving the assembly files
creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...
Sep 2 '05 #1
12 1510
It's not uncommon of install program to requires Admin account.
For example you can't install VS.NET if you're not admin.
I haven't tried with Office but I bet it will requires to be admin as well.
Once you requires admin right to install, you could set a key in the
registry!

Anyway, even with a limited user account, I wouldn't be surprise if you've
got read/write access to the following registry key:
System.Windows.Forms.Application.CommonAppDataRegi stry
"Etienne" <my****************@hotmail.com> wrote in message
news:Oc**************@TK2MSFTNGP09.phx.gbl...
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It has
to be kept even if the software is reinstalled, and it must not be too
easy to find/delete. I could write a hidden file somewhere in the system
or hide it in the registry, but if it is a limited XP account, I'm quite
limited. Any genious idea!? I tried Isolated Storage, but just moving the
assembly files creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...

Sep 2 '05 #2
Etienne wrote:
Hi, I'm writing an activation system for a software, which allows a 15 days
grace period. Now the question is... how can I store the date? It has to be
kept even if the software is reinstalled, and it must not be too easy to
find/delete. I could write a hidden file somewhere in the system or hide it
in the registry, but if it is a limited XP account, I'm quite limited. Any
genious idea!? I tried Isolated Storage, but just moving the assembly files
creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...


Hiding it in the registry or the filesytem isn't much use really if the
user knows how to use filemon or regmon (free utilities from
http://www.sysinternals.com/)
Sep 2 '05 #3
it's the best one can do anyway!
and there is no stopping a hacker anyway, it could always decompile the
code, as far as .NET code is concerned...
better target honnest customer!

I also thought of a more tedious thing, the app could require a licence file
to run, with some encrypted data!
that won't stopper a hacker from decompiling/modifying the app, but average
user won't be able to do much about it.
But that might make the install process too complex for some average user
(if it has to donwload additional file or copy/paste big strings)
--
"A preoccupation with the next world pretty clearly signals an inability to
cope credibly with this one."

"C-Services Holland b.v." <cs*@REMOVEcsh4u.nl> wrote in message
news:zr********************@zeelandnet.nl...
Etienne wrote:
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It
has to be kept even if the software is reinstalled, and it must not be
too easy to find/delete. I could write a hidden file somewhere in the
system or hide it in the registry, but if it is a limited XP account, I'm
quite limited. Any genious idea!? I tried Isolated Storage, but just
moving the assembly files creates a new Isolated Storage, so it's of no
use.

Thanks!

Etienne
Getting a beta version out soon...


Hiding it in the registry or the filesytem isn't much use really if the
user knows how to use filemon or regmon (free utilities from
http://www.sysinternals.com/)

Sep 2 '05 #4
True, but if you combine the value with some known salt (which could be
constant or machine-based), and then encrypt it, you can check the salt is
still there when you decrypt the value. That way if the user changes the
stored value, you'll know about it.

Of course, if you want the value to persist after uninstallation, and the
user has fiddled, you need a way to let them get back to a non-fiddled
state. Also, you might be violating XP-compliance by leaving stuff on the
machine after uninstallation.

Stu
"C-Services Holland b.v." <cs*@REMOVEcsh4u.nl> wrote in message
news:zr********************@zeelandnet.nl...
Etienne wrote:
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It
has to be kept even if the software is reinstalled, and it must not be
too easy to find/delete. I could write a hidden file somewhere in the
system or hide it in the registry, but if it is a limited XP account, I'm
quite limited. Any genious idea!? I tried Isolated Storage, but just
moving the assembly files creates a new Isolated Storage, so it's of no
use.

Thanks!

Etienne
Getting a beta version out soon...


Hiding it in the registry or the filesytem isn't much use really if the
user knows how to use filemon or regmon (free utilities from
http://www.sysinternals.com/)

Sep 2 '05 #5
Ok, this may sound like and ad, but I am a semi-regular poster so I
hope it's not taken that way... =)

I found this in one of our FoxPro Advisor magazines. (Yes, we currently
have VFP as our core here, we are migrating to .Net)

FoxPro Advisor (August 2005, p30)
Protect VFP Applications With Armadillo

I have not used this software yet, but the article seemed to point out
that it was a fairly reliable system. I do not know if you are wanting
a free solution or if your company doesn't mind springing for the
protection, but here is the link to their website:

http://siliconrealms.com/index.shtml

It might be worth a look. It does work with other languages.

Sep 2 '05 #6
Hi,

IMO it's much better to ship a limited version, which they can use as long
as they want. Checking the install date is a pain and very difficult to
enforce,
I had a similar dilemma and opted for the limited version approach. A
posible solution I considered was requesting an internet connection and at
load time I check the HDD id with a central server, but I had to discard
this idea as this particular client had no permanent internet connection and
as some other poster said it's farly trivial to see the code.
cheers,

--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation

"Etienne" <my****************@hotmail.com> wrote in message
news:Oc**************@TK2MSFTNGP09.phx.gbl...
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It has
to be kept even if the software is reinstalled, and it must not be too
easy to find/delete. I could write a hidden file somewhere in the system
or hide it in the registry, but if it is a limited XP account, I'm quite
limited. Any genious idea!? I tried Isolated Storage, but just moving the
assembly files creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...

Sep 2 '05 #7
MS put out a free Shareware Starter Kit that allow trial/license versions
and interface to Paypal, etc.
http://sharewarestarterkit.com/

--
William Stacey [MVP]

"Etienne" <my****************@hotmail.com> wrote in message
news:Oc**************@TK2MSFTNGP09.phx.gbl...
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It has
to be kept even if the software is reinstalled, and it must not be too
easy to find/delete. I could write a hidden file somewhere in the system
or hide it in the registry, but if it is a limited XP account, I'm quite
limited. Any genious idea!? I tried Isolated Storage, but just moving the
assembly files creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...

Sep 2 '05 #8
As long as it it .NET 2.0.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************
"William Stacey [MVP]" wrote:
MS put out a free Shareware Starter Kit that allow trial/license versions
and interface to Paypal, etc.
http://sharewarestarterkit.com/

--
William Stacey [MVP]

"Etienne" <my****************@hotmail.com> wrote in message
news:Oc**************@TK2MSFTNGP09.phx.gbl...
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It has
to be kept even if the software is reinstalled, and it must not be too
easy to find/delete. I could write a hidden file somewhere in the system
or hide it in the registry, but if it is a limited XP account, I'm quite
limited. Any genious idea!? I tried Isolated Storage, but just moving the
assembly files creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...


Sep 2 '05 #9
Methods commonly used:

1. Registry key
2. File hidden somewhere in the file system (generally encrypted)
3. DLL compiled (using Reflection.Emit()) by the installer (custom installer)

No matter what you do, a clever hacker will find a way to break your
product. There are programs that watch the registry and file system while
programs are installed, so files can be seen. There are also programs that
watch memory so hackers can see registration calls.

In addition, .NET compiles to MSIL, so the best you can do is obfuscate. A
clever hacker can find calls to registration, however.

But, you probably know all of this already. The average Joe is whom you are
trying to make buy your software, so any of the above tricks (registry, file,
compiled code on install) will work. It is not a bad idea to use more than
one, as it will take a bit longer to hack your program.

Lesson learned: You can't keep a professional thief out forever, but you can
make it hard for the petty thief.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************
"Etienne" wrote:
Hi, I'm writing an activation system for a software, which allows a 15 days
grace period. Now the question is... how can I store the date? It has to be
kept even if the software is reinstalled, and it must not be too easy to
find/delete. I could write a hidden file somewhere in the system or hide it
in the registry, but if it is a limited XP account, I'm quite limited. Any
genious idea!? I tried Isolated Storage, but just moving the assembly files
creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...

Sep 2 '05 #10
I've used the Win32 APIs CredWrite and CredRead to store a blob containing
this kind of data. You might be able to use .NET's CredentialCache class if
it's generic enough to store a date string as a credential associated with a
Uri of your choice. It's slightly less visible to Administrators than
registry entries.

You could mangle the date anyway so that it wouldn't be obvious to someone
who saw it how to extend it, if that's a concern.
--
Phil Wilson
[Microsoft MVP-Windows Installer]
"Etienne" <my****************@hotmail.com> wrote in message
news:Oc**************@TK2MSFTNGP09.phx.gbl...
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It has
to be kept even if the software is reinstalled, and it must not be too
easy to find/delete. I could write a hidden file somewhere in the system
or hide it in the registry, but if it is a limited XP account, I'm quite
limited. Any genious idea!? I tried Isolated Storage, but just moving the
assembly files creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...

Sep 2 '05 #11
Yes, the code is obfuscated, and there's a licensing/activation system.
Basically, to run, the app needs a License.dat file containing the serial
key and an activation code. I read those, validate against the computer
code, and determine if app can run. If it can't, I request internet or phone
activation to get valid activation code for current computer. If he alters
the license file, it will reject it. If he moves it to another computer, it
will reject it.

As for how to store the date, I though about storing current date on app
startup, but it could also be during setup. This way, I have administrative
rights (since I also have to install MSDE, and the .Net framework if it's
not already installed). Would it work if I write a file in a system folder
containing encrypted date, then mark it as available to everybody? If
someone runs the software from a limited account, he needs to be able to
read the file.

This should be a good approach, I'll look into it. Thanks guys!

Etienne

"Cowboy (Gregory A. Beamer) - MVP" <No************@comcast.netNoSpamM> wrote
in message news:51**********************************@microsof t.com...
Methods commonly used:

1. Registry key
2. File hidden somewhere in the file system (generally encrypted)
3. DLL compiled (using Reflection.Emit()) by the installer (custom
installer)

No matter what you do, a clever hacker will find a way to break your
product. There are programs that watch the registry and file system while
programs are installed, so files can be seen. There are also programs that
watch memory so hackers can see registration calls.

In addition, .NET compiles to MSIL, so the best you can do is obfuscate. A
clever hacker can find calls to registration, however.

But, you probably know all of this already. The average Joe is whom you
are
trying to make buy your software, so any of the above tricks (registry,
file,
compiled code on install) will work. It is not a bad idea to use more than
one, as it will take a bit longer to hack your program.

Lesson learned: You can't keep a professional thief out forever, but you
can
make it hard for the petty thief.

--
Gregory A. Beamer
MVP; MCP: +I, SE, SD, DBA

***************************
Think Outside the Box!
***************************
"Etienne" wrote:
Hi, I'm writing an activation system for a software, which allows a 15
days
grace period. Now the question is... how can I store the date? It has to
be
kept even if the software is reinstalled, and it must not be too easy to
find/delete. I could write a hidden file somewhere in the system or hide
it
in the registry, but if it is a limited XP account, I'm quite limited.
Any
genious idea!? I tried Isolated Storage, but just moving the assembly
files
creates a new Isolated Storage, so it's of no use.

Thanks!

Etienne
Getting a beta version out soon...

Sep 2 '05 #12
Excellent link :-)

--
"A preoccupation with the next world pretty clearly signals an inability to
cope credibly with this one."

"William Stacey [MVP]" <st*****@mvps.org> wrote in message
news:%2***************@TK2MSFTNGP15.phx.gbl...
MS put out a free Shareware Starter Kit that allow trial/license versions
and interface to Paypal, etc.
http://sharewarestarterkit.com/

--
William Stacey [MVP]

"Etienne" <my****************@hotmail.com> wrote in message
news:Oc**************@TK2MSFTNGP09.phx.gbl...
Hi, I'm writing an activation system for a software, which allows a 15
days grace period. Now the question is... how can I store the date? It
has to be kept even if the software is reinstalled, and it must not be
too easy to find/delete. I could write a hidden file somewhere in the
system or hide it in the registry, but if it is a limited XP account, I'm
quite limited. Any genious idea!? I tried Isolated Storage, but just
moving the assembly files creates a new Isolated Storage, so it's of no
use.

Thanks!

Etienne
Getting a beta version out soon...


Sep 3 '05 #13

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

14 posts views Thread by Etienne | last post: by
1 post views Thread by rdemyan via AccessMonster.com | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.