Application Licensing
-
I'm considering releasing a product for sale on the internet, but I'm having a hard time figuring out a way to protect it. I've done a lot of research on Google for commercial applications, and quite a few sound good, but spending $1000+ on a good piece of software is not feasible in my situation. My e-commerce company provides a licensing tool to use, and I can activate, validate, etc, keys using their API's. However, the problem lies in the fact that any language that runs on the .Net CLR can be easily decompiled. This would make it pretty easy to simply decompile my program, remove the IF statements that deal with licensing, and then it's free for anyone with a P2P application. How can I go about protecting these validation IF statements and DLL files (the ones that my e-seller has provided me), without spending a lot of cash? I know obfuscation can be used, and that there is a simple version of Dotfuscator included with Visual Studio, so I will be using that, but it still does not remove the ease of which an IF statement can be deleted. Also, if I do move along with using my e-seller's licensing (eSellerate, for those that are interested), I essentially am locked into their services and could not switch e-commerce solutions if the need arises. If anyone has any suggestions or comments on how to protect .Net code, or if you can suggest any relatively well-priced commercial solutions, it would be greatly appreciated. Thanks, Mitch
-
I'm considering releasing a product for sale on the internet, but I'm having a hard time figuring out a way to protect it. I've done a lot of research on Google for commercial applications, and quite a few sound good, but spending $1000+ on a good piece of software is not feasible in my situation. My e-commerce company provides a licensing tool to use, and I can activate, validate, etc, keys using their API's. However, the problem lies in the fact that any language that runs on the .Net CLR can be easily decompiled. This would make it pretty easy to simply decompile my program, remove the IF statements that deal with licensing, and then it's free for anyone with a P2P application. How can I go about protecting these validation IF statements and DLL files (the ones that my e-seller has provided me), without spending a lot of cash? I know obfuscation can be used, and that there is a simple version of Dotfuscator included with Visual Studio, so I will be using that, but it still does not remove the ease of which an IF statement can be deleted. Also, if I do move along with using my e-seller's licensing (eSellerate, for those that are interested), I essentially am locked into their services and could not switch e-commerce solutions if the need arises. If anyone has any suggestions or comments on how to protect .Net code, or if you can suggest any relatively well-priced commercial solutions, it would be greatly appreciated. Thanks, Mitch
9rays has a good product that the CodeProject occasionally gives away in the article competitions, and I find the Obfuscator very useful and the retail prices go from $499-$699-$899 for the obfuscator depending on the edition. I know it is not much less than $1000, it is still a good product that might have longer term help for your company. One option is you could manually add encryption to the strings in the application and then have a method somewhere in your application to decrypt the string before it is actually used. Thus the unencrypted string would not be visible immediately after decomplition.
Regards, Thomas Stockwell Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. Visit my homepage Oracle Studios[^]
-
I'm considering releasing a product for sale on the internet, but I'm having a hard time figuring out a way to protect it. I've done a lot of research on Google for commercial applications, and quite a few sound good, but spending $1000+ on a good piece of software is not feasible in my situation. My e-commerce company provides a licensing tool to use, and I can activate, validate, etc, keys using their API's. However, the problem lies in the fact that any language that runs on the .Net CLR can be easily decompiled. This would make it pretty easy to simply decompile my program, remove the IF statements that deal with licensing, and then it's free for anyone with a P2P application. How can I go about protecting these validation IF statements and DLL files (the ones that my e-seller has provided me), without spending a lot of cash? I know obfuscation can be used, and that there is a simple version of Dotfuscator included with Visual Studio, so I will be using that, but it still does not remove the ease of which an IF statement can be deleted. Also, if I do move along with using my e-seller's licensing (eSellerate, for those that are interested), I essentially am locked into their services and could not switch e-commerce solutions if the need arises. If anyone has any suggestions or comments on how to protect .Net code, or if you can suggest any relatively well-priced commercial solutions, it would be greatly appreciated. Thanks, Mitch
If you have an old copy of VB6 or earlier, you can create something that is very difficult to crack. Create a small component in VB6 that does your license validation and returns a "Go" or "No go" to your main program. Old versions of VB are good for this because they are extremely difficult to trace in a debugger.
“Cannot find REALITY.SYS...Universe Halted.” ~ God on phone with Microsoft Customer Support
-
I'm considering releasing a product for sale on the internet, but I'm having a hard time figuring out a way to protect it. I've done a lot of research on Google for commercial applications, and quite a few sound good, but spending $1000+ on a good piece of software is not feasible in my situation. My e-commerce company provides a licensing tool to use, and I can activate, validate, etc, keys using their API's. However, the problem lies in the fact that any language that runs on the .Net CLR can be easily decompiled. This would make it pretty easy to simply decompile my program, remove the IF statements that deal with licensing, and then it's free for anyone with a P2P application. How can I go about protecting these validation IF statements and DLL files (the ones that my e-seller has provided me), without spending a lot of cash? I know obfuscation can be used, and that there is a simple version of Dotfuscator included with Visual Studio, so I will be using that, but it still does not remove the ease of which an IF statement can be deleted. Also, if I do move along with using my e-seller's licensing (eSellerate, for those that are interested), I essentially am locked into their services and could not switch e-commerce solutions if the need arises. If anyone has any suggestions or comments on how to protect .Net code, or if you can suggest any relatively well-priced commercial solutions, it would be greatly appreciated. Thanks, Mitch
Personally I wouldnt bother with any extra protection. I've put forward this point quite a few times on here - if people don't want to pay for your software, then they won't. If your software is popular enough that someone starts releasing cracks, then you can worry about the pirates and apply some of the money you have from sales to fixing the problem in the next version :)
Mark Churchill Director Dunn & Churchill Free Download:
Diamond Binding: The simple, powerful, reliable, and effective data layer toolkit for Visual Studio. -
Personally I wouldnt bother with any extra protection. I've put forward this point quite a few times on here - if people don't want to pay for your software, then they won't. If your software is popular enough that someone starts releasing cracks, then you can worry about the pirates and apply some of the money you have from sales to fixing the problem in the next version :)
Mark Churchill Director Dunn & Churchill Free Download:
Diamond Binding: The simple, powerful, reliable, and effective data layer toolkit for Visual Studio.Thanks to everyone for the advice. As you have suggested, I'll just stick with a simpler licensing scheme; at least it'll prevent casual copying of the software between friends, coworkers, etc. I have one more question; however. Does anyone know where I could find a good EULA template that I can modify to my liking and distribute with my application? I've found a few sample ones using Google, but I'm not sure whether they are posted for actual usage, or just as an example of what a lawyer / firm would do. Thanks, Mitch
-
If you have an old copy of VB6 or earlier, you can create something that is very difficult to crack. Create a small component in VB6 that does your license validation and returns a "Go" or "No go" to your main program. Old versions of VB are good for this because they are extremely difficult to trace in a debugger.
“Cannot find REALITY.SYS...Universe Halted.” ~ God on phone with Microsoft Customer Support
Sure, but that's his problem, a person could easily decompile the application and remove the calls to the licensing component or redirect them somewhere else that always says "GO".
Upcoming FREE developer events: * Developer Day Scotland Recent blog posts: * Mixins in C#3.0 My website | Blog
-
Sure, but that's his problem, a person could easily decompile the application and remove the calls to the licensing component or redirect them somewhere else that always says "GO".
Upcoming FREE developer events: * Developer Day Scotland Recent blog posts: * Mixins in C#3.0 My website | Blog
