One more comment for Walter....
I don't think using the serial number of Windows is a good idea,
especially where I live because no one pays for windows here, all copies are
pirated, copyright rules exist but never applied (No.. I don't live in hell)
:) and you never know when a client wants to update from win 98 or win 2000
or win Me to win XP... so this number is more variable than any other.
As for MAC Addresses and HDD Serial, I think the only reason for someone
to change a HDD is when it's damaged while they might change Motherboards
when the one they have comes obsolete but still use the same HDD that they
have cause all their data is on them.
So far, we haven't find a perfect solution, meanwhile we think this is
the best way to do things until something new and more reliable comes up...
Regards
Vahan
-----Original Message-----
From: [email protected] [mailto:[EMAIL PROTECTED] Behalf
Of Vahan Yoghoudjian
Sent: Tuesday, May 31, 2005 9:02 AM
To: [email protected]
Subject: RE: [list] RE: [delphi-en] Re: GUIDs and the registry
Thank you guys for your replies
Walter, I already use the HDD serial number to generate my activation
keys, therefore the keys are completely unique from each other and can not
be copied to another machine. Besides along with the HDD serial number we
have some registration data provided by the user himself that is truncated
and mixed with the HDD serial key according to a hard coded algorithm and
then encrypted and stored in the registry.
Even if this activation key was found in the registry and decrypted
successfully by any intruder, would be also hard to re-organize the
so-called 'syllables'. We're selling a point of sale product, if someone is
smart enough to decode this key I think he'd be smart enough to write his
own point of sale software and use it :)
As mentioned in this thread our problem is when someone changes the Hard
Drive, but since we are in direct relation with all our customer and provide
them support I think that can be handled easily by providing them a new key.
As you said I can store the key in
HKEY_LOCAL_MACHINE/Software/<>/ActivationKey but I do not want to give any
hints to the users how the application works.
I just wanted to know if there's any location in win registry that my
application can write data regardless of the windows user privileges... If
HKEY_LOCAL_MACHINE is the only location, I think I'd do some sacrifice and
store the key there...
Thanks again for all your replies
Vahan
-----Original Message-----
From: [email protected] [mailto:[EMAIL PROTECTED] Behalf
Of Walter Prins
Sent: Monday, May 30, 2005 4:33 PM
To: [email protected]
Subject: Re: [list] RE: [delphi-en] Re: GUIDs and the registry
Vahan,
Programs like RegMon (http://www.sysinternals.com/ntw2k/source/regmon.shtml)
makes it very easy to find things that are hidden merely by putting it in an
obscure place. IE I don't think that's a very good way of protecting the
app. It would be better in my humble opinion, to retrieve (for example) the
Windows serial number/key and/or activation key (which should be unique per
installation of Windows) at install time, and hash this in some way, and
store result of the hash (the hashed value) in a standard location for your
app, eg HKEY_LOCAL_MACHINE/Software/<>/ActivationKey. This way it doesn't
matter if the user sees it or knows how to use regedit as they won't know
what goes into the has value, nor how you calculate it.
When the application starts, it can simply recalculate the hashed value and
compare it to the install time value from the registry. Thus, even if the
user is clever enough to copy the app and the registry tree for your
application over to another PC, the new calculated hash value on the new
machine will be different to the one on the original machine (due to the
windows serial/key and other values being different), and thus the app won't
work unless they also modify all the registration/key etc values that you
use in your hash calculation to be the same as on the original machine.
Since they won't know exactly what you use, that is likely to be more hassle
than it's worth the average user. Good things to try and include would be:
Windows Product key, Activation key (if you can find it), Network Mac
address, HDD Serial number, Video card adapter ID string. etc.
Cheers
Walter
----- Original Message -----
From: "Vahan Yoghoudjian" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Monday, May 30, 2005 7:58 AM
Subject: RE: [list] RE: [delphi-en] Re: GUIDs and the registry
The license is done by machine not by user... The thing is that we
already have a folder as HKEY_LOCAL_MACHINE/Software/ that contains some
properties of the software, easy for any user who is aware of something
called windows registry to find it out, that's why I do not want to store
the activation key of the software in that same folder, but rather in an
unknown location in the registery...
Also, if possible, I would like that any user in windows, even with
limited privileges would be able to install the software (of course if he
has the right to do) and that my application always writes to the same
location in registery...
Thanks guys for your help
Vahan
-----------------------------------------------------
Home page: http://groups.yahoo.com/group/delphi-en/
To unsubscribe: [EMAIL PROTECTED]
----------------------------------------------------------------------------
----
Yahoo! Groups Links
a.. To visit your group on the web, go to:
http://groups.yahoo.com/group/delphi-en/
b.. To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
[Non-text portions of this message have been removed]
-----------------------------------------------------
Home page: http://groups.yahoo.com/group/delphi-en/
To unsubscribe: [EMAIL PROTECTED]
----------------------------------------------------------------------------
----
Yahoo! Groups Links
a.. To visit your group on the web, go to:
http://groups.yahoo.com/group/delphi-en/
b.. To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
c.. Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
[Non-text portions of this message have been removed]
-----------------------------------------------------
Home page: http://groups.yahoo.com/group/delphi-en/
To unsubscribe: [EMAIL PROTECTED]
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/delphi-en/
<*> To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
