LITE security / licensing aid (Cosmin Prund) A good hiding place in the registry is in the forest of CLSID entries in HKEY_CLASSES_ROOT which can only be altered with administrative rights. It can read by all users but it can't be found easily and deleted.
A CLSID can be created statically with Str-Ctrl-G in Delphi for use at installation time. Counters can be placed there which are copied to another CLSID in HKEY_CURRENT_USER and decremented at each new run. That offers the possibility of arranging different trial run counts or types of run or dates for different users. A CRC checksum for the exe file and recorded in the installation program, then placed in the initial CLSID directory for checking at startup of the program defeats changing the executive with a disk editor or a debugger to skip the checking code. A hash code on a CLSID within a CLSID can offer protection of the CLSID itself. CLSID's can be also created dynamically at run time with the Windows API call CoCreateGUID so that different CLSID's are made on different machines. If returned to the programmer via a mail option in the installation program, they offer a unique key to identify a user and the machine. Returning the hash code of the CLSID is better, since it hides the CLSID from view at mail time. These methods can be defeated with one of the installation monitors available on the Web which creates a copy of the registry before installation and compares it with the result after installation as can all methods which rely on files. A small cloud of dummy CLSID keys generated at random along with sub-CLSID referenced keys when the installation program runs or after each run of the progam can make deleting them somewhat more painful since the user can't know which ones actually contain needed data. Examine HKEY_CLASSES_ROOT with Regedit or Regedit32 and look at the quantity of CLSID's under Microsoft, for example. Irwin Scollar _______________________________________________ Delphi mailing list -> [email protected] http://www.elists.org/mailman/listinfo/delphi
