Re: User Preferences
My ISP gives out a new IP whenever I re-connect after e.g. a router restart. So that wouldn't work. Gerry Kee Nethery wrote: Log all the server connections. Once a day examine the log files to see if the same unlock code is coming from multiple IP addresses. If it is, that means that person has handed out their unlock code. If you see an unlock code that is rogue, create a text file and put it at that location on your server. ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
Thanks Kee! I love this list. Phil Davis On 10/11/11 9:16 PM, Kee Nethery wrote: The common way to do this is to do a simple GET to your server. Perhaps use the unlock code as part of the URL. For example: http://gerryorkin.com/cgi-bin/unlockcode.txt Log all the server connections. Once a day examine the log files to see if the same unlock code is coming from multiple IP addresses. If it is, that means that person has handed out their unlock code. If you see an unlock code that is rogue, create a text file and put it at that location on your server. Set up your server to have a very simple short 404 message because most of your calls should get that (file not found). Make it very short and if your app receives that as a response, carry on. Perhaps the first text file signals to those apps to report home more frequently than normal so that you can see how many simultaneous users you have. Once you know the code is stolen, change the file to a kill signal. If your app receives a kill signal, perhaps have some message in multiple languages that lets them know that this software is just a trial version and the trial period is over. Let them know they can purchase the fully unlocked version at your web site and give them that URL. The thing to do is to not do this check immediately when launched and to not display the message immediately after you receive it. Instead squirrel it away somewhere like in your prefs file and then later on, display it and delete the saved unlock code from the software. My assumption with the above URL is that you are not going to have thousands of regcodes that you need to disable. If you think that might happen, take the first couple of characters and make them directories. For example, for a regcode of abcde12345 the URL might be http://gerryorkin.com/cgi-bin/a/b/cde12345.txt I understand that Apache doesn't like serving up files out of a directory with thousands of files. But odds are you will not have that many and one single directory should be enough. If your app cannot connect to your server after some number of attempts over some number of days, perhaps put up a bogus error message and a URL that explains it (with the unlock code encoded in the URL). That will let you know whether the unlock code is out there in major use. Finally, for each revision of your software, include some number of the unlock codes that if seen will cause the app to disable itself. Kee Nethery On Oct 11, 2011, at 8:17 PM, Peter Bogdanoff wrote: Yes, an internet connection is assumed because of streaming audio in the program. But how do I identify the user's computer so that no one else can use a copy of the program serial? I don't see a MAC address property in LC; neither a date function that would tell me a fixed OS installation date. The machine name seems to change. The IP address will vary. So a hidden prefs file seems the thing. I don't know how to do that. On Oct 11, 2011, at 7:26 PM, Gerry wrote: Or use an online method? Will your app be used in settings where a internet connection can be assumed? Gerry -- photos: http://gerryorkin.com On Wednesday, 12 October 2011 at 11:35 AM, Björnke von Gierke wrote: To prevent copying, do not produce anything. It's the perfect counter measure! ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode -- Phil Davis PDS Labs Professional Software Development http://pdslabs.net ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
Yes, thank you Kee. That was fun new ideas for me. -Scott Morrow On Oct 11, 2011, at 11:13 PM, Phil Davis wrote: Thanks Kee! I love this list. Phil Davis On 10/11/11 9:16 PM, Kee Nethery wrote: The common way to do this is to do a simple GET to your server. Perhaps use the unlock code as part of the URL. For example: http://gerryorkin.com/cgi-bin/unlockcode.txt Log all the server connections. Once a day examine the log files to see if the same unlock code is coming from multiple IP addresses. If it is, that means that person has handed out their unlock code. If you see an unlock code that is rogue, create a text file and put it at that location on your server. Set up your server to have a very simple short 404 message because most of your calls should get that (file not found). Make it very short and if your app receives that as a response, carry on. Perhaps the first text file signals to those apps to report home more frequently than normal so that you can see how many simultaneous users you have. Once you know the code is stolen, change the file to a kill signal. If your app receives a kill signal, perhaps have some message in multiple languages that lets them know that this software is just a trial version and the trial period is over. Let them know they can purchase the fully unlocked version at your web site and give them that URL. The thing to do is to not do this check immediately when launched and to not display the message immediately after you receive it. Instead squirrel it away somewhere like in your prefs file and then later on, display it and delete the saved unlock code from the software. My assumption with the above URL is that you are not going to have thousands of regcodes that you need to disable. If you think that might happen, take the first couple of characters and make them directories. For example, for a regcode of abcde12345 the URL might be http://gerryorkin.com/cgi-bin/a/b/cde12345.txt I understand that Apache doesn't like serving up files out of a directory with thousands of files. But odds are you will not have that many and one single directory should be enough. If your app cannot connect to your server after some number of attempts over some number of days, perhaps put up a bogus error message and a URL that explains it (with the unlock code encoded in the URL). That will let you know whether the unlock code is out there in major use. Finally, for each revision of your software, include some number of the unlock codes that if seen will cause the app to disable itself. Kee Nethery On Oct 11, 2011, at 8:17 PM, Peter Bogdanoff wrote: Yes, an internet connection is assumed because of streaming audio in the program. But how do I identify the user's computer so that no one else can use a copy of the program serial? I don't see a MAC address property in LC; neither a date function that would tell me a fixed OS installation date. The machine name seems to change. The IP address will vary. So a hidden prefs file seems the thing. I don't know how to do that. On Oct 11, 2011, at 7:26 PM, Gerry wrote: Or use an online method? Will your app be used in settings where a internet connection can be assumed? Gerry -- photos: http://gerryorkin.com On Wednesday, 12 October 2011 at 11:35 AM, Björnke von Gierke wrote: To prevent copying, do not produce anything. It's the perfect counter measure! ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode -- Phil Davis PDS Labs Professional Software Development http://pdslabs.net ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
On Oct 11, 2011, at 10:59 PM, Gerry wrote: My ISP gives out a new IP whenever I re-connect after e.g. a router restart. So that wouldn't work. Not sure what you are saying. Your computer when you use your software might have different IPs or your server is always moving around from IP to IP and no one can connect to it? If you are saying that people have IP addresses that change, that is not a problem. The thing you are looking for is the same regcode coming from multiple IPs during the same day. If your software only connects once a day, and a reg code gets three hits in a day from different IPs, regardless what the IPs are, you probably have three users with the same IP. Then if that continues for a couple of days, flag that reg code and have those users software check in more frequently than once a day. Then. if during the intensive you get IP-a the IP-b then IP-c then IP-b then IP-a then IP-c etc for the same reg code within the same day, you absolutely have multiple users using one reg code. Kee Gerry Kee Nethery wrote: Log all the server connections. Once a day examine the log files to see if the same unlock code is coming from multiple IP addresses. If it is, that means that person has handed out their unlock code. If you see an unlock code that is rogue, create a text file and put it at that location on your server. ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
Just to clarify, I'm not the original poster on the thread :) My point was - if I am using this software and I have an unstable internet connection where my machine's IP could change during the day, it would report to the authentication server that the same reg code is coming from multiple IPs. But I can see how your escalating check on suspect reg codes could account for that :) Gerry -- photos: http://gerryorkin.com On Thursday, 13 October 2011 at 9:22 AM, Kee Nethery wrote: On Oct 11, 2011, at 10:59 PM, Gerry wrote: My ISP gives out a new IP whenever I re-connect after e.g. a router restart. So that wouldn't work. Not sure what you are saying. Your computer when you use your software might have different IPs or your server is always moving around from IP to IP and no one can connect to it? If you are saying that people have IP addresses that change, that is not a problem. The thing you are looking for is the same regcode coming from multiple IPs during the same day. If your software only connects once a day, and a reg code gets three hits in a day from different IPs, regardless what the IPs are, you probably have three users with the same IP. Then if that continues for a couple of days, flag that reg code and have those users software check in more frequently than once a day. Then. if during the intensive you get IP-a the IP-b then IP-c then IP-b then IP-a then IP-c etc for the same reg code within the same day, you absolutely have multiple users using one reg code. Kee Gerry Kee Nethery wrote: Log all the server connections. Once a day examine the log files to see if the same unlock code is coming from multiple IP addresses. If it is, that means that person has handed out their unlock code. If you see an unlock code that is rogue, create a text file and put it at that location on your server. ___ use-livecode mailing list use-livecode@lists.runrev.com (mailto:use-livecode@lists.runrev.com) Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com (mailto:use-livecode@lists.runrev.com) Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
User Preferences
Hi, My project is a OSX/Windows program that is sold to college students via a (Kagi.com) shopping cart with a serial key generator linked to it. I want to strengthen the copy protection by limiting the user to one installation (things can't be passed on to other students). I've tried using the machine name (gotten by the address function) and saving it in a custom property of the main stack. So when the stack is opened, the custom property is compared to the machine name. This works most of the time, but sometimes fails for a reason I've not been able to figure out. The two don't match when they should. So I'm needing another method. I've never tried writing a preferences file. I see that I could use specialFolderPath and write a file. Can this file be made invisible? Is this, in general, a good method to use for copy protection? We plan ultimately to sell this kind of thing in China where file copying is rampant and want to prevent that somehow. I purchased Zygodact but it doesn't seem to work for us as it generates its own keys... Peter Bogdanoff ArtsInteractive.org ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
To prevent copying, do not produce anything. It's the perfect counter measure! Barring that, concentrate on ways to sell despite piracy, because you can't prevent it. For example, games increasingly have downloads that they sell as add-ons (downloadable content). That way they can sell things to pirates, and also check more often for serials validity. On 12 Oct 2011, at 01:12, Peter Bogdanoff wrote: We plan ultimately to sell this kind of thing in China where file copying is rampant and want to prevent that somehow. -- Watch live presentations every Saturday: http://livecode.tv Use an alternative Dictionary viewer: http://bjoernke.com/bvgdocu/ Chat with other RunRev developers: http://bjoernke.com/chatrev/ ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
Or use an online method? Will your app be used in settings where a internet connection can be assumed? Gerry -- photos: http://gerryorkin.com On Wednesday, 12 October 2011 at 11:35 AM, Björnke von Gierke wrote: To prevent copying, do not produce anything. It's the perfect counter measure! ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
Yes, an internet connection is assumed because of streaming audio in the program. But how do I identify the user's computer so that no one else can use a copy of the program serial? I don't see a MAC address property in LC; neither a date function that would tell me a fixed OS installation date. The machine name seems to change. The IP address will vary. So a hidden prefs file seems the thing. I don't know how to do that. On Oct 11, 2011, at 7:26 PM, Gerry wrote: Or use an online method? Will your app be used in settings where a internet connection can be assumed? Gerry -- photos: http://gerryorkin.com On Wednesday, 12 October 2011 at 11:35 AM, Björnke von Gierke wrote: To prevent copying, do not produce anything. It's the perfect counter measure! ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
Re: User Preferences
The common way to do this is to do a simple GET to your server. Perhaps use the unlock code as part of the URL. For example: http://gerryorkin.com/cgi-bin/unlockcode.txt Log all the server connections. Once a day examine the log files to see if the same unlock code is coming from multiple IP addresses. If it is, that means that person has handed out their unlock code. If you see an unlock code that is rogue, create a text file and put it at that location on your server. Set up your server to have a very simple short 404 message because most of your calls should get that (file not found). Make it very short and if your app receives that as a response, carry on. Perhaps the first text file signals to those apps to report home more frequently than normal so that you can see how many simultaneous users you have. Once you know the code is stolen, change the file to a kill signal. If your app receives a kill signal, perhaps have some message in multiple languages that lets them know that this software is just a trial version and the trial period is over. Let them know they can purchase the fully unlocked version at your web site and give them that URL. The thing to do is to not do this check immediately when launched and to not display the message immediately after you receive it. Instead squirrel it away somewhere like in your prefs file and then later on, display it and delete the saved unlock code from the software. My assumption with the above URL is that you are not going to have thousands of regcodes that you need to disable. If you think that might happen, take the first couple of characters and make them directories. For example, for a regcode of abcde12345 the URL might be http://gerryorkin.com/cgi-bin/a/b/cde12345.txt I understand that Apache doesn't like serving up files out of a directory with thousands of files. But odds are you will not have that many and one single directory should be enough. If your app cannot connect to your server after some number of attempts over some number of days, perhaps put up a bogus error message and a URL that explains it (with the unlock code encoded in the URL). That will let you know whether the unlock code is out there in major use. Finally, for each revision of your software, include some number of the unlock codes that if seen will cause the app to disable itself. Kee Nethery On Oct 11, 2011, at 8:17 PM, Peter Bogdanoff wrote: Yes, an internet connection is assumed because of streaming audio in the program. But how do I identify the user's computer so that no one else can use a copy of the program serial? I don't see a MAC address property in LC; neither a date function that would tell me a fixed OS installation date. The machine name seems to change. The IP address will vary. So a hidden prefs file seems the thing. I don't know how to do that. On Oct 11, 2011, at 7:26 PM, Gerry wrote: Or use an online method? Will your app be used in settings where a internet connection can be assumed? Gerry -- photos: http://gerryorkin.com On Wednesday, 12 October 2011 at 11:35 AM, Björnke von Gierke wrote: To prevent copying, do not produce anything. It's the perfect counter measure! ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode ___ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
