What I do is to copy a small ini file to some directory during installation. The file contains an encrypted (weakly) date that the program was first installed. When the program starts, it looks for that file and determines the number of days since installation. If it's over the limit, the program exits with a polite message that the trial period has expired. If the file doesn't exist, the user is warned that they must run installation to use the program. Running the uninstall does not remove this file and if installation is run a second time, the file won't be overwritten. If the user is trying to get another trial period, they'll have to find this file and delete it before running installation again. This is by no means foolproof but, as you said, there's no truly foolproof way to keep someone who's really determined from defeating it. But, it does require them to find the file and delete it and then reinstall if they want an extra trial period. If the user has registered, a file that contains the registration name and an encrypted string based on the registration name (stronger encryption) is written to the installation directory. When the program runs, it looks for the registration file first and, if it finds it, skips the check for the 'date of installation' file.
As you mentioned, this method could be extended to make it a little more difficult to defeat by placing the installation date in multiple locations, including the registry. After having done all of this, you then have to contend with the guy who's determined, has the expertise, and is willing to create a keygen that duplicates the registration name encryption or a crack that bypasses all of the checks for installation date or registration. If your program is worthwhile, the latter will eventually occur. Perhaps at that point, you can pat yourself on the back for having created a useful program that's at least worth the effort involved in defeating it. :-) ----- Original Message ----- From: "Cosmin Prund" <[EMAIL PROTECTED]> To: "Moderated discussion list about programming with Borland's Delphi" <[email protected]> Sent: Friday, March 24, 2006 1:42 PM Subject: LITE security / licensing aid > Hello everyone! > > I'm working on securing some of my applications right now. I've managed to > get "on/off" security working (ie: you're ether licensed or you're not > licensed) but now I'd like to add a few tones of "gray". Essentially I'd > like to add the ability to delay activating the product for a while. This > requires some storage for number of "runs" or "expiry date". > > I KNOW there's no real way of securing any piece of data on a client's > system but I'm not really facing real crackers so a "so/so" solution would > work. The thing I'm mostly afraid is the situation where someone would > stumble across my "data" and simply delete it! That would make my > application think it was freshly installed and provide the client with a > fresh "free" period! That's not good. > > I mostly think I know the solution: I just need to write the same data > into > multiple places so the user would not find them all. But then comes the > question: Where exactly do I write this data so the user would NOT > consider > I'm invading his space? > > I'm considering: > > 1) My "Program Files" folder. This is very obvious and the user is likely > to > find it. > 2) The "Application Data" folder for the current user. This doesn't exist > on > Win9X machines! > 3) My registry key (under the HKCU\Software\MyCompany key). This would be > easy to spot too. > 4) Some other, better, yet polite hiding place :) > > Anyone been here before? > Anyone has other good ideas? > > Thanks for your input! > Cosmin Prund > > > _______________________________________________ > Delphi mailing list -> [email protected] > http://www.elists.org/mailman/listinfo/delphi _______________________________________________ Delphi mailing list -> [email protected] http://www.elists.org/mailman/listinfo/delphi
