tags:

views:

119

answers:

3
+3  Q: 

Steps to publish Software to be purchased via Registration

I'm about to get finished developing a windows application which I want to release as shareware. It was developed in C# and will be running on .Net 3.5+ machines. To use it the user will have to be online.

My intent is to let the user try it for 30 days and then limit its functionality until a registration is purchased.

The installer will be made available via an msi file.

Could anyone give the general steps on how to implement this? Here are some more specific questions: Since I am trying to avoid having to invest a lot upfront in order to establish an e-commerce site, I was thinking of a way to just let the user pay somehow, while supplying his email in which he then receives the unlock key. I found some solutions out there like listed here: Registration services

I am still not sure, if they are the way to go.

One of my main concerns is to prevent the reuse if a given serial, e.g. if two users run the program with the same serial at the same time, this serial should disabled or some other measure be taken. Another point is, that my software could potentially be just copied from one computer to the other without using an installer, so to just protect the installer itself will not be sufficient.

Maybe someone who already went though this process can give me some pointers, like the general steps involved (like 1. Get domain, 2. Get certain kind of webhost ....) and address some of the issues I mentioned above.

I'm thankful for any help people can give me.

+1  A: 

I don't have a useful answer for you, but I did have a couple observations I wanted to share that were too large to fit in a comment. Hopefully someone else with more technical expertise can fill in the details.

One of my main concerns is to prevent the reuse if a given serial, e.g. if two users run the program with the same serial at the same time, this serial should disabled or some other measure be taken.

To ensure that two people aren't using the same serial number, your program will have to "phone home." A lot of software does this at installation time, by transmitting the serial number back to you during the installation process. If you want to do it in real time, your application will have to periodically connect to your server and say "this serial number is in use."

This is not terribly user friendly. Any time that the serial number check is performed, the user must be connected to the Internet, and must have their firewall configured to allow it. It also means that you must commit to maintaining the server side of things (domain name, server architecture) unchanged forever. If your server goes down, or you lose the domain, your software will become inoperative.

Of course, if a connection to your service specifically (rather than the Internet in general) is essential to the product's operation, then it becomes a lot easier and more user friendly.

Another point is, that my software could potentially be just copied from one computer to the other without using an installer, so to just protect the installer itself will not be sufficient.

There are two vectors of attack here. One is hiding a piece of information somewhere on the user's system. This is not terribly robust. The other is to check and encode the user's hardware configuration and encode that data somewhere. If the user changes their hardware, force the product to reactivate itself (this is what Windows and SecuROM do).

As you implement this, please remember that it is literally impossible to prevent illegal copying of software. As a (presumably) small software developer, you need to balance the difficulty to crack your software against the negative effects your DRM imposes on your users. I personally would be extremely hesitant to use software with the checks that you've described in place. Some people are more forgiving than I am. Some people are less so.

AaronSieb  2009-09-02 14:00:48
A: 

Prevent copying: base the key on the customer's NIC MAC. Most users will not go to the trouble of modifying their NIC MAC. Your app will have a dialog to create and send the key request, including their MAC.

The open issue is that many apps get cracked and posted to warez sites. Make this less likely by hiding the key validation code in multiple places in your app. Take care to treat honest users with respect, and be sure your key validation does not annoy them in any way. Make it clear that the key they are buying is node locked.

And worry about market penetration. Get a larger installed base by providing a base product that has no strings attached. cheers -- Rick

rleir  2009-09-02 14:42:01
+1  A: 
Cape Cod Gunny  2009-11-01 21:56:16

related questions

BizSpark deployment license hosting
Web Hosting Managers
Best quality/price shared Web Hosting for Asp.Net Mvc
Affordable windows host?
Are there any pitfalls trying to run DNN on Windows Server 2008 Web Edition?
Cheap ASP.NET Hosting - Mutiple Domains
Any free ASP.NET 3.5 App host?!
Is there a reliable mail server on Windows 2008 web edition?
Shared Hosting <trust level ="Medium" />
Best control panel software for windows hosting?
What is a good blog hosting service for programmers?
Quality windows ASP.NET + SQL Server 2005 Web Hosting
mosso versus gogrid which is better?
Uninitialized string offset error from PHP import script
Hosting your site with your domain registrar
Reliable and performant cheap (ish) hosting for ASP.NET 3.5 and mysql
Hosting a website on your own server
What's the best linux distribution for ruby on rails development and hosting ?
Best web hosting/CMS for my non-technical friend
Not able to delete directory
NHibernate and shared web hosting
Where can I get ASP MVC hosting?
A Good, Scalable Webhost For PHP
Favorite web host.
How to redirect siteA to siteB with A or CNAME records