Mine doesn't actually make any attempts to hook up on-line. All it
does is auto-create an e-mail IF possible using simple MAPI, and place it in
the outbox giving instructions to the user to make sure it gets sent out.
If this is impossible it creates a txt file with all the necessary encoded
information and tells the user to get it to me by any means. Too many are
using utilities like McAFee which provide security against sending personal
information across the net and even in e-mail these days, and they would
interfere with anything that attempted to directly send such info! Even
when the e-mail goes out at the user's instruction it can cause these
security methods to fire, but there's not much I can do about that!
I'm going to be putting together a new sit of my own later this year
and I'm considering a change to this method whereas the applicant would
provide the necessary info as provided by a text file generated by the
application on-line, but then security will be even a greater issue!
from Robert Meek dba Tangentals Design CCopyright 2006
"When I examine myself and my methods of thought, I come to the conclusion
that the gift of Fantasy has meant more to me then my talent for absorbing
positive knowledge!"
Albert Einstein
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Human
Sent: Monday, April 03, 2006 10:30 AM
To: Delphi-Talk Discussion List
Subject: RE: What VCL do you use for protecting your application?
Hello Robert.
Your solution is not bad. Actually sounds good with a small exception.
Today peoples don't look with good eyes at your application if it will try
co connect to Internet.
They tend to call it a possible spyware. I do the same thing.
For example I wanted to buy a software called O&O Defrag (disk
defragmenter).
I've tried it and suddenly I changed my mind. Not only that my firewall
alerts me that it tried to
connect to the Internet (sometime I grant some applications to do that) but
it also tried to act
like a server!!!!!!!!!!!!
No sir! Unacceptable. So, next day I tried several other shareware and I
choused something
different and cheaper (ha-ha). Until today it never tried to connect to the
Internet. It checks
for updates by opening a Netscape window to its download page. Nice work!
So, making your shareware to directly connect to internet will scare some
possible clients.
But still, controlling who use me shareware application and how (often)
might be a very good
solution.
...
Anyway the cracking solution for your schema would be: to run a fake web
server on the same
computer as the application. All application's requests are redirected
(Windows host file) to this
fake server (which will replace your server). The cracker will provide a
username and password so
the fake server will have to return all the time the same answer, so it
don't even need to compute
a key. And your application doesn't need to be cracked (or in the worst case
the cracker will
replace your server IP with something else like 127.0.0.1).
--- Robert Meek <[EMAIL PROTECTED]> wrote:
> Everything I read about this subject makes me believe that no
> commercial solution, other than those that are hardware based, will stand
> the test of time. If there's even one piece of popular shareware out
there
> using a particular solution, it's already been cracked and thus they're
only
> one step away from breaking yours.
> What I finally came up with is a mixture of different things which
> help make the keys and encryption algorithms hard to find and put back
> together again the same way I use them. Keys are split into pieces and
> spread across different parts of the app, and so are the
> encryption/decryption methods. Since anyone can re-install a shareware
app
> that is fully functional so to be able to keep using it, I set mine up
with
> a hard-coded date, again slit out inside the app, which makes the app
> terminate no matter the time left on their trial by a certain date. They
> are then advised to download and install a new copy. I make these dates
> six-months apart, and eventually I'll set up a system so I can get
notified
> when a download is being made from the same address more than once or
twice.
> But if they register this date doesn't come into play, and registration
> depends upon not only the hidden keys and algorithms but the
administrative
> username, a private key they supply, a crc of the app made at the time of
> installation, and the Windows product ID # that has to match my records.
> This makes registration a two-step process. The first is when I get sent
an
> e-mail of this info all re-arraigned by the app, and the second when I
> return an application ID that is input to the app and which has to be
broken
> down to match these same records. I'm sure it could still be broken
however
> it would take a lot of work and will keep basically honest people from
> becoming dishonest!
>
> from Robert Meek dba Tangentals Design CCopyright 2006
>
> "When I examine myself and my methods of thought, I come to the conclusion
> that the gift of Fantasy has meant more to me then my talent for absorbing
> positive knowledge!"
> Albert Einstein
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
> On Behalf Of Human
> Sent: Sunday, April 02, 2006 12:05 PM
> To: Delphi-Talk Discussion List
> Subject: What VCL do you use for protecting your application?
>
> Hello.
> I want to implement a protection for one of my programs to make it
> trialware.
> I used until now my own component but now I want to use a professional
> solution that allow me to
> generate unique keys based on hardware ID.
>
> I've tried TmxProtect but it is unstable and has almost no documentation
> (but is free).
> With a little improvement it will be the best VCL around. But until then I
> need something else.
>
> I also tried other VCLs but I've found only bad jokes. For example a VCL
at
> 199$ which was weak
> then mine and had no hardware ID options.
>
>
> Any idea?
>
>
> If I choose Christianity then the Islamic will say I'm a pagan.
> If I choose Islamic then the Buddhism will say I'm a pagan.
> If I chose Buddhism then the Jewish will say I'm pagan.
> If I choose no God then everybody will say I'm pagan.
> Please, can I be free? Can you NOT tell me how I should live MY life?
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> __________________________________________________
> Delphi-Talk mailing list -> Delphi-Talk@elists.org
> http://www.elists.org/mailman/listinfo/delphi-talk
>
> __________________________________________________
> Delphi-Talk mailing list -> Delphi-Talk@elists.org
> http://www.elists.org/mailman/listinfo/delphi-talk
>
If I choose Christianity then the Islamic will say I'm a pagan.
If I choose Islamic then the Buddhism will say I'm a pagan.
If I chose Buddhism then the Jewish will say I'm pagan.
If I choose no God then everybody will say I'm pagan.
Please, can I be free? Can you NOT tell me how I should live MY life?
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
__________________________________________________
Delphi-Talk mailing list -> Delphi-Talk@elists.org
http://www.elists.org/mailman/listinfo/delphi-talk
__________________________________________________
Delphi-Talk mailing list -> Delphi-Talk@elists.org
http://www.elists.org/mailman/listinfo/delphi-talk
