3rd party licensing components

Question

Hi,

I'm looking at this 3rd party licensing component, and I'm curious what measures they can take to secure a .net desktop application?

they provide things like: trial version, registered version using a license key.

It also can lock the application if their license expires.

It is a C++ dll under the covers, and in .net you have to call the methods using extern.

The question is, are they doing anything other than just writing to the registry? Myabe putting some datestamps in teh registry entry to prevent people from fudging with the computer date?

Answer 1

Licensing components will generally check more than the date. They will try to generate a "fingerprint" of the current machine, based on its hardware and environment. That can be based on a number of factors, including MAC address, hard-drive ids, CPU ids, available hardware, etc. Some of the smarter ones include "hysteresis", to allow small changes to hardware to be made without triggering a violation.

In applications where network availability is required, the licensing component can also check back with a licensing server to ensure two identical licenses aren't being used simultaneously.

The places an licensing component can store its information is not limited to the registry. They can either play according to the rules, and store their information where applications are supposed to store their data (e.g. the registry and local files), or they can try to secrete the data amongst other files (or even lower level disk artifacts) using steganographic techniques.