Bill Marriott wrote:
But perhaps you're a little modest.
I've been accused of that before. :)
Yes, there are a variety of schemes for trials, and not all of them are
time-limited. Some publishers offer a limited number of program launches
before a trial ends, instead of a specific timeframe, for example.
Right, everyone's needs will be different. My primary concern is that
whatever method Zygodact might use, if it is cracked, then everyone who
has integrated Zygodact into their work will be affected if word gets
out. So I'm thinking it would be better if software authors use whatever
method they prefer to track trial dates, and the more varied, the better.
Zygodact's internal registration scheme is unique for each user copy, so
it doesn't matter if "word gets out" on that aspect. Even if someone
discovers how it's done, it would be very difficult to decrypt that
particular copy's hash scheme.
Since Zygodact generates the activation codes, I think it would be a handy,
optional feature to bake an encoded expiry date into trial codes, ala
Revolution trials. The developer can't really customize that aspect of the
system, right? Hm, maybe if they appended an encoded date before/after/into
the code generated by Zygodact?
Anyway, codes with embedded expiry dates is probably a more foolproof way to
ensure people don't abuse trials. A weakness of the hidden stack/file
approach is that a user can simply find that file and delete it to
reactivate a trial.
That's the problem. I've written other client registration schemes with
embedded expiration dates and they work fine, but we kept the user
database on a server and the app had to "call home" to check its own
validity. TeachMac is one example that uses Zygodact's algorithm, but
since it is a fully online training system, contacting a server is a
normal part of its activity. But most people don't want their software
to require online access (and I personally don't like it at all.)
Zygodact does return data to the scripts that will allow authors to use
the server method if they want to, but I leave that up to the author.
This way, they have to request a new key to keep a trial
going. Not perfect, but you could at least see when emails keep coming in
from the same IP address, mail server, etc. (Without the kind of "phone
home" activation most users find offensive, you can't really do anything
about determined trial abusers.)
I'm thinking about this about for a future update, among other features.
But again, the problem is in using a method that would affect all
Zygodact users if it were discovered.
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
_______________________________________________
use-revolution mailing list
use-revolution@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
