views:

144

answers:

4

Hey,

I'm trying to see what are the few good ways to validate my software.
I generate a key for each buyer and then want to make sure that key is used only once, and they can't install the app on other computers and use the same key.
Does anyone have any good suggestions?


Thanks,

+2  A: 

One easy method is to have the computer send the activation code via the Internet, then registering it on your server. In this manner, the same activation key cannot be used again.

You could alternatively have them call with the activation key if no Internet connection is present.

AlbertoPL
+4  A: 

The most prevalent way is a phone-home approach. After registration, your app will contact a server you control and send registration information. You would check the key against a database. If its new, allow registration. Otherwise deny registration.

This is a simple approach, but is not very userfriendly.

Problem 1: User reformats computer/computer dies/changes computer. In this scenario, your customer will not be able to reinstall the software they paid for. One solution is to have them contact you, and you will send them a new key.

Problem 2: User doesn't have internet access: Solution: make your application available online only.

Problem 3: A user uninstalls their program, then wishes to reinstall later. Solution: During uninstall, you will have to contact your registration server and remove the key.

Realize that your goal should be to keep the honest people honest. People who will pirate your stuff can easily defeat your best attempts at copy protection. Keep it simple, and dont spend too much time on it and deal with more important problems.

Alan
I think Alan means "contact", not "contain".
Vinay Sajip
You're right. Thank you.
Alan
phone-home approach! the most prevalent way?!!
luvPlsQL
Yes. Phone-home is another way to say "send registration over the internet"
Alan
+1: "Realize that your goal should be to keep the honest people honest. People who will pirate your stuff can easily defeat your best attempts at copy protection." C# is extremely easy to circumvent; people can edit the IL of application directly and the methods/classes that carry out your copy protection. Do not think you can beat someone willing enough!
Callum Rogers
And, you ended up pissing off your paying customers by making them jump through all kinds of hoops!
Alan
Phoning home is the most common way to do this, but users are sketchy about this kind of thing, and it may make them uncomfortable (especially if they don't expect it). Think about the message this sends users after they shell out good money for your software - I always try to err on the side of trusting them too much, since people are much happier that way.
rwmnau
The most important goal is to make the whole thing easy for the honest paying people and less pleasent for the pirates.
arturh
A: 

The real question here is whether strict license enforcement is really needed. There are some cases where it is, for sure, but there are many cases when the license code is overkill. In the end, it's a trade-off:

Pros of activation:

  • Guarantee that your user installs the app once
  • Knowledge of exactly how many copies are in the wild

Pros of minimal licensing (serial number and basic, non-internet validation)

  • User can quickly start using the app, even with no internet access
  • Minimally annoying to users
  • Doesn't inconvinience users who reformat and want to reinstall (if they're recovering from a crashed computer, license aggravation is the last thing they want)
  • Users wary of activation may skip on your app altogether, making a non-activating app more appealing
  • Even if your server goes down (or if you close down operations in the future), users can still use and reinstall your software
  • No support time spent dealing with activation hassles
  • Time spent developing an activation scheme can instead be devoted to making the app better, resulting in more sales

The activation scheme has pluses for you, the developer, and is a headache for users, whereas lightweight licensing is much more appealing to users, and offers only minimal drawbacks to users. On of my favorite articles that weighs the two choices is Eric Sink's "Tenets of Transparency (point 4).

Though you may think you need activation, I encourage you to consider whether you really do. Do the added sales from strict enforcement outweigh the lost sales from all the downsides?

rwmnau
A: 

there's a way u can make sure that one copy is used only for one PC here it is 1-when your application starts for the first it collects the machine's info..such as motherboard serial number...and when it finish collecting the infos the user activate the application over the net and get an activation code that is generated to this machine only>>If he tried to use the same activation code again on a nother pc when the application vefies the activation code with the hardware infos and find it not right the application reject it hope its clear