We've developed a bespoke ASP.NET application for use on our customer's intranet. It appears they're unlikely to pay for it, so our boss would like us to introduce a time bomb.
[Edit:] Technical responses only please! Whether this is a good (or legal) idea is a question for CEOoverflow.com ;-)
All pages in the application inherit from a class called ApplicationBasePage and have consistent error handling, so I'm thinking that throwing an exception early in the lifecycle of ApplicationBasePage will be an easy way to make the application unusable. I'm open to other ideas you may have though.
My question is: how and where should we store the date on which the application will expire?
Some points to note:
- The application is installed on a single server in the customer's offices.
- Application data is held in a SQL Server 2005 database held on the same server. The database was designed by us and is not used for anything else.
- The application is only accessible on their intranet: there is no access to the application over the Internet.
- We currently have remote desktop access to their server, but would expect to lose that if things turn nasty.
- The application is written in .NET 2.0.
- Security is handled by FormsAuthentication.
- We need to be able to turn the time bomb off or change its trigger date easily (assume we still have remote desktop access to do this).
- The server can normally access the Internet, but it would be best not to rely on this.
- The time bomb will only lock users out: it won't destroy any data.
- Unless it triggers, the customer must never be aware of the time bomb's existence.
- Their IT guy will happily go poking around in the web.config or in the database. He's not a programmer but he's not afraid to change things "just to see what happens". Decompiling or reverse engineering the application would be beyond his capabilities.
For extra credit, how much do you think it's OK to rely on security through obscurity in this case?
[Edit:]
- The application does a lot of business-critical date-dependent stuff, so we can be sure they won't change the clock on their server as this would make the application worse than useless.