Jump to content
Server Maintenance This Week. ×

Piracy Protection

kenneth2k1

By kenneth2k1
in Development Standards

 Share

This topic is 7978 days old. Please don't post here. Open a new topic instead.

Recommended Posts

kenneth2k1 Mentor

kenneth2k1

Posted
Posted

Hello!

I was wondering if anyone has ever been able to implement something to prevent a solution from being operated on two different machines. For example, if you have a license for only one PC/user, preventing that same solution from working on another computer. Perhaps some little trick with scriptmaker or something. Thanks in advance.

Ken

Link to comment
Share on other sites
  • Newbies
photoadjuster Newbie

photoadjuster

Posted
  • Newbies
Posted

Ken, download the free crypto plugin written by Dave McKee - http://www.protolight.com/ Look for the external function listed below. When called, it returns the volume serial number, that is assigned to the hard drive of a PC or a Mac, when the disk is formatted. With some type of activation method using this number, you can prevent you solutions from being stolen.

External ("crypt-VSN", parameter )

[use "" as the parameter]

Regards,

Mike Stephenson

Link to comment
Share on other sites
djgogi Proficient

djgogi

Posted
Posted

Make yourself few questions:

1) When is the moment that I encrypt the volume number?

2) Where do I hold the encrypted volume number?

3) How do I know should set or check for volume number?

Reflect and try to answer them:

Finally you'll realize that there's no way to protect your solution from piracy!

Why?

Because the start-up script might never be triggered!

Dj

Link to comment
Share on other sites
SteveB Mentor

SteveB

Posted
Posted

I don't necessarily agree with Djukic. Partly it depends on what capabilities you're allowing the user to have.

The easiest situation to protect is a Kiosk because you provide the navigation and the menus are unavailable. The crypto plugin is the starting point. The way a startup script must be handled is that every file in the solution has a startup script that runs a startup script in the main file that contains copy protection scripts. Then it doesn't matter what the user clicks on. Record the disk serial #. I give the user (mine is single user only) a 15 day free trial, so I record the current date. I also record 'yesterday' to keep them from rolling the clock. When they pay for the solution they get an encrypted unlock key that consists of a product code and disk #, etc. The solution validates the unlock and it's propagated to the other main files. The only way this can be changed in under pgm control. If they want to move to another machine, they need to uninstall the solution (an FM file that generates an encrypted code that they give back to me) and it leaves a footprint that will prevent a re-install, yada, yada, yada.

If you're not doing a kiosk, it's probably harder to secure depending on what capabilities you've left in the system. While I'm sure some expert could hack what I've done, I doubt that 99.9% of the users could.

Steve

Link to comment
Share on other sites
djgogi Proficient

djgogi

Posted
Posted

I think I was missunderstood.

I don't speak about security of an isolated runtime solution, ie when user has only your stand alone solution file.

The problems arrise when they have also a copy of FM:

What I would like to see in FM is DEVELOPER LEVEL ACCESS, ie when you open your files with developer password the statrup script won't execute. In any other case no matter how the files are opened (via relartionship, by selecting perform script step from another file, creating value list from another file) the startup script should execute.

Without entering in further discussion, I think that that would be the only way to protect our works.

Dj

Link to comment
Share on other sites
Fitch Grand Master

Fitch

Posted
Posted

Well, has anyone tried a shoddy little trick like:

Case (Status (CurrentGroups) = "Single User" and Status (CurrentUserCount) > 1, "You're under arrest!")

Link to comment
Share on other sites
eremaut Explorer

eremaut

Posted
Posted

You wrote:

What I would like to see in FM is DEVELOPER LEVEL ACCESS, ie when you open your files with developer password the statrup script won't execute. In any other case no matter how the files are opened (via relartionship, by selecting perform script step from another file, creating value list from another file) the startup script should execute.

---

Well all these things are available in FM, it's just a matter of clever scripting. Things starts by writing a good user-menu where all user actions can be monitored. It's there you can store the priviliges of users (forget the privilegs that comes with the FM client) and it's there you can also see wether they are already online or not.

No plug-in needed for this solution ...

Regards,

Link to comment
Share on other sites
djgogi Proficient

djgogi

Posted
Posted

I don't think we were talking about protection of host based solutions, when user has to access files on your dedicated server, which is much easier situation to deal with because you have direct control over DBs.

The original formulation of the problem was(or at least was my interpretation of it) :

How to prevent unauthorized ditribution and utilization of your software?

I'm not talking about situation when the product was realized on demand and, hence, I was already paid (very good) for the job so I won't give a deem if they use it on 10 instead of 5 clients ( of course I'd put some protection on this but I also know that if someone realy want to by-pass it, he surely will).

No, I'm talking about so called "fully functional demos" which have been protected in some way (date stamp, reg num, rec num ect.).

Well all these things are available in FM, it's just a matter of clever scripting. Things starts by writing a good user-menu where all user actions can be monitored. It's there you can store the priviliges of users (forget the privilegs that comes with the FM client)

Do you mean by clever scripting dedication of 90% of your time for protection against piracy an 10% for implementation of your solution?

Name me one example of well protected (your or third party) solution.

Forget the privilegs that comes with the FM client!!!

Hey man, that is the only working protection that you have. Instead forget those you've created.

The following is not true:

[p]

The startup script allways executes

If the field is not present on any layout than it could not be accessed/edited

User can visit only visible layouts

Satus area can not be unlocked without the script

Without menu bar records can be created/deleted only via scripts//I'm not talking about creating/deleting them using contextual menus

If the FM password does not permit it than it's impossible to create relationships with files from my solution

If I'm using some security plug-in than my solution won't work without it

If you think you migth contest some of above, I'll be glad to prove you it's validity.

Dj

Link to comment
Share on other sites
eremaut Explorer

eremaut

Posted
Posted

Hi Dj,

Without going into every detail here, it just would take to long. But I would like to add some comments here:

* First it's clear that every protection can and will be broken someday.

* We don't use so called "fully functional demos", no need to do that. If you want to give the user an idea of how your application will look and feel, then an application with limited records possibility or with reports with many DEMO banners on it will do a great job. Our demo comes with only 90% of the normal functions of the real application. Secondly, our demo application (FM Developer based) is coming on a copy protected CD. This CD needs to be inserted before the FM application will launch. Up to today this CD can't be copied even with the latest CLONE CD 4.x softw. Okay, one day will come that we see a crack for it ... but by then I will have changed for a new CD copy scheme.

* >Do you mean by clever scripting dedication of 90% of your time for protection against piracy an 10% for implementation of your solution?

No, I mean with clever scripting you can go a long way by doing things yourself before the need of buying a plug-in solution. These plug-in's will give you extra possibilities but will also increase the price of the application. For many of our users this counts ...

* >Hey man, that is the only working protection that you have. Instead forget those you've created.

No, we will not. It's thrue that we use a base of this FM system. Buth the FM system is far from complete to handle all the needs for user settings needed in a real life application. How - for example- will you give the administrator of your application (running at the users site) a tool to create new users for there application? How - for example - will you prevent users from running the application on a friday, saterday and sundays while they are allowed to run it on the other days of the week?

For all this you need to develope a user-menu system where usernames, passwords and access settings can be stored and set by an administrator (without knowing your own FM master/developer password) !

* >The following is not true. The startup script allways executes

>If you think you migth contest some of above, I'll be glad to prove you it's validity.

Well, I'll take you up on that one ... only this one, it would just take to long.

>The startup script allways executes ...

This is true and not true. You are right, it's possible to open a file via a relationship and the startup script won't execute. But this you can prevend from happening by not placing related fields on the opening layout. The FM access privilges (base system) must be set to prevend the creation of relationships with files from others ...

In our application all files are checking the other files when they startup. When not loaded in the correct order, the application is quiting. The loading of the files are handled by a front loader (FM file). The only purpose of this loader is to startup the other files with the correct FM access priviliges (base system as we spook before) and in the correct order.

This loader can only be loaded by the master menu-system ... and to make it even more confusing, they are in fact loaded not by the startup script but by the closing script !

Believe me, I've done some testing here. I spend five weeks of development of this loader system only ... needless to say that many items (username, passwords) in this system are encrypted.

Regards,

Link to comment
Share on other sites
djgogi Proficient

djgogi

Posted
Posted

In reply to:

This is true and not true. You are right, it's possible to open a file via a relationship and the startup script won't execute. But this you can prevend from happening by not placing related fields on the opening layout. The FM access privilges (base system) must be set to prevend the creation of relationships with files from others ...

First, this is not the only way to open file without executing it's startup script. Few methodes:

Defining an script in external file and creating an subscript pointing to the target file.

Trying to create an relationship from external to target file

Defining an value list in external file that use values from some fields in target file.

Second, as I said IT IS ALWAYS POSSIBLE TO CREATE AN RELATIONSHIP FROM EXTERNAL FILE TO ANY OF YOUR SOLUTION'S FILE WETHER OR NOT IT IS PERMITED BY ACCESS PRIVILEGES

If you don't belive it than just drop me some "protected" file.

For the rest of your post, yes I'm agree with most of it.

That's what I allways say when it comes to talk about demos.

They just need to be demos, ie reduced functionality without ways to by pass it.

This is a demo if you like it come and by the true product and not this is a demo but if you register it will become fully functional. No way.

Dj

Link to comment
Share on other sites
kenneth2k1 Mentor

kenneth2k1

Posted
  • Author
Posted

Whoa. I appreciate all the good insight, but I didn't mean for it to be the citadel!

Of course I realize that there is always a way around protection. I am not concerned with a demo technique, I already have a suitable demo. I will explain to you who and why, and then maybe I will be a little more clear.

Basically this is a marketing program that is used by financial advisors and insurance agents. They are not too technically inclined, so trust me, they will not be trying that hard to crack it. Besides, like you all have said, if they really want to crack, they will.

The reason I want to protect it is to prevent the buyer from just giving it to another agent to use. These guys are shady (but hey, aren't we all?). If there was just a simple way to prevent the same solution from being installed on another machine. It doesn't even have to completely protect it. I don't know, I guess this is just going to be the age-old question. I don't think I can do a dynamic product registration like Microsoft does!!!

Thanks again to all.

Link to comment
Share on other sites
eremaut Explorer

eremaut

Posted
Posted

Hi,

Yes, I believe indeed this was your first question. We have drifted away ...

---

The best you can do now is something I already spoke about. Built in (as many as possible) personal banners from this first agent ... on splash screens, on printed reports, things like address and name of the agent, etc ...

By this you don't prevent it from giving away to a second agent, but when they start using it, the will be confronted with the info of the agent colleague. A fearly good psychological block ...

An other solution. When they use your appl. they should start by given a password and a click on a OK-button, no? Or any other important starter button will also do ...

Well, built a 'Send Mail' step in on the script of this button, to send a "Start application" message to a dedicated account in your company. By this you will know when and who's using your application, yeaah ...

If it's by an unauthorised agent, send them a bill, and I don't mean Clinton here :-)

OK, they can close down there mail client application to prevent any further messages. But, you will receive in 99% of the time a first message, nobody is expecting this to happen! And then you have a proof in hand ...

BTW, can also be used to knock on agent 1, because his's in fact the giveaway boy ...

PS: Yes, true, this will also sent mails every time agent 1 start's (legitimatly) your application. No harm, this info (date/time) can be used for statistics ... therefore use a dedicated account and not your personal email account !

Regards,

Link to comment
Share on other sites
kenneth2k1 Mentor

kenneth2k1

Posted
  • Author
Posted

I really like the idea of having it send email everytime its opened! I'd better get another yahoo account, cuz that would create alot of mail.

I already have a username/password setup. And I think I'll put the client's name all over the soln also!

Thanks for the advice.

Ken

Link to comment
Share on other sites
  • 1 month later...
jeffer Collaborator

jeffer

Posted
Posted

hmmm....It should be possible to make a serial number apple script that runs a check at startup? Let's say trough the MAC adres of your computer? Some calculations are done and if they are right...the applescript starts your solution. When the solution isn't opened trough the applescript or opened on an other mac your calculation isn't right...so your solution ends up whit an error message.

Just a thought:)

Jeffrey

Link to comment
Share on other sites
kenneth2k1 Mentor

kenneth2k1

Posted
  • Author
Posted

Excellent idea. Only problem is that this soln will be used on WinOS primarily. So AppleScript is out unfortulately.

I ended up just having a script that emails me a registration form after agreeing to the license agreement. This occurs only the first time it opens after install. The operation can be canceled, however. I figured since I get away with it so much, I shouldn't try so hard to prevent others...HA.

I find your idea interesting and very helpful, though.

Ken

Link to comment
Share on other sites
jeffer Collaborator

jeffer

Posted
Posted

Windowzzz...It should be possible to retrieve the MAC adres trough an event or something like that?

The only thing i can say is that this solution works fine! In Holland we've created a

management system for coffee shops. Because this is a customer group that likes copying software we had to make a robust security system. Customers are calling us all day because their Count-It database wont start up on a different or extra mac.

So it works successful! You can even limit the number of users:)

The only way to crack this security is (i think) by cracking the filemaker database password! But i don't think there will be a solution for that one:(

greetz,

Jeffer

Link to comment
Share on other sites
djgogi Proficient

djgogi

Posted
Posted

You're lucky that they are coffee users ad not FM users. crazy.gif

If you need a real security check than send me your solution (or just protected file) and I'll generate the security report for you free of charge (only first time):P

Dj

Link to comment
Share on other sites

This topic is 7978 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept