tags:

views:

74

answers:

3
+1  Q: 

Safe emailing of software

Some people bought my application (which has no DRM) through PayPal. I didn't include update functionality inside the app (bad idea.) Now that there's a update, I thought I could email all previous customers with a link to the updated version they could install. Unfortunately, this idea is too open to attack (just copy and post link on forum) so it was rejected. How can I email everyone who bought the app with a safe link that is not so open to attack?
Thanks, Isaac

+2  A: 

Just create a web app that can authenticate users. Send an e-mail to your clients so they can register to your website, and create a username/password to download your app. Every time there is a new update, they can just go in, authenticate and download. You can also create links that are only valid once, this is also handled by your web app.

daniel  2009-07-25 04:13:37
+1  A: 

Perhaps consider this:

  • Upload an updated package to your website/ftp. Secure it.
  • Send a link to a login page to each customer
  • Each link should contain a parameter on the querystring - a GUID perhaps, for one time use.
  • Ask the user to enter their email address, and ensure that it matches the GUID you have on record for that email address.
  • Once it has been downloaded, deny any more downloads with that email address or GUID; write to a small DB (i.e. SQLite)
  • If the customer needs to download it more than once, have them email you. You can resend them a new download link with a new GUID. This would be all tied to their email address for traceability.
  • Perhaps don't even force the user to email you. Regenerate a new GUID, but cap the user at 2 or 3 auto-generated GUIDs.
  • You now have stats on who downloaded what and how many times?

This pattern could be replicated to all the products you'd want to offer for download, and each different version. It'd be great to take advantage of this scheme for all those situations.

p.campbell  2009-07-25 04:14:23
Good idea, but just a question: What is the hashed query parameter for?
Isaac Waller  2009-07-25 04:17:56
A: 

You could make the update installer require that the original be installed. Or you could tag each download with an id that the installer sends back to the server before install, to check if that copy has been installed before, to prevent reuploads. (probably want to allow for a few reinstalls)

David  2009-07-25 04:22:26

related questions

How to write a basic closed-source license for a software project?
Using Maven for project distribution
How do I restrict my AIR distribution?
Is there a possibility for smaller JRE / packaging Java software for Softgrid
When and when-not to install into the GAC?
Selling source code, What should I be aware of
SQL table change distribution
Serial number (registration key) algorithm in .NET
How do I automate building the source distribution for an iPhone app with Xcode?
Web based Software Distribution
What is the best way to distribute a python program extended with custom c modules?
Creating multi-platform CDs for software distribution
Is it possible to create a custom distribution of OpenOffice, or a way to package it into my java application?
How can I make my ad hoc iPhone application's icon show up in iTunes?
In what ways can you get your freeware project some exposure?
How do small software patches correct big software?
Windows .url links that point to same address when copied over or deleted
Best activation key software for .NET application?
How do you protect your software from illegal distribution?
What are the extents of the meaning of "distributing" under the LGPL license?
What's the best way to distribute Java applications?
Options for distribution of an offline Ruby on Rails application
What are the advantages of packaging your python library/application as an .egg file?
PAD (Portable Application Description) files for shareware / freeware
Packaging Java apps for the Windows/Linux desktop.