The best approach I've seen is to make the activation key a fundamental required part of the application itself. Something like a dll for a windows app. If you can compile the dll on the fly you might want to collect some hardware and OS specifics from the machine the user is using, send those to the server and incorporate them into the compiled dll. That way, all you have to do on start-up is have the dll check to make sure the hardware and software configuration is right. That increases the customer support burden because people inevitably change things about their machines, but you have pretty high degree of confidence that your app is hard to pirate.
Depending on the size of the market for the app itself, you may or may not run into the problem of people circumventing the scheme and providing a cracked dll for people to download. It usually comes down to a trade-off between the effort required on your part; the size of the target market; the cost of support; and the cost risk of the activation scheme being compromised. There's also the question of perception. Most people aren't very keen on apps sending some unspecified information about their machines to a third party server. Going online and checking the serial every time the user starts up the app is almost certainly not a good idea, but it depends on the app. I travel a lot and a significant amount of the time while I'm in transit I don't have a network connection. If I had an app that I had paid for and used many times I would be beyond pissed off if it required the verification of the license key over the internet on every startup. Spike On 2/23/06, Robin Hilliard <[EMAIL PROTECTED]> wrote: > > Perhaps you could insert the UUID as a static string into the exe - > load the exe as string, search for "<<UUIDGOESHERE>>" and replace, > then download using cfcontent. This is assuming static strings > appear as clear text in exe. > > Robin > > On 24/02/2006, at 10:18 AM, Barry Beattie wrote: > > > > > can I add a quick 2 cents? > > > >>> I make a web-service call back the to the CF Server to validate the > > UUID is a paid customer in the DB. > > > > sometimes the computer that the exe is installed on has no (and may > > *never* have) internet connection. > > ______________ > > Robin Hilliard > Director - RocketBoots Pty Ltd > Professional Services for Macromedia Technologies > http://www.rocketboots.com.au > > For schedule/availability call Pamela Higgins: > w +61 7 5451 0362 > m +61 419 677 151 > e [EMAIL PROTECTED] > > or Direct: > m +61 418 414 341 > f +61 2 9798 0070 > e [EMAIL PROTECTED] > > *** Register for WebDU http://www.mxdu.com 2-3 March 2006 *** > > > > > -- -------------------------------------------- Stephen Milligan Do you do the Badger? http://www.yellowbadger.com Do you cfeclipse? http://www.cfeclipse.org --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie -~----------~----~----~----~------~----~------~--~---
