USB copy protection...!!
-
Do you want to prevent reading from the USB-stick, or writing to it? If you can read it, you can copy it. The only way of making sure that there is no copy is by not letting anyone read it. Once the computer reads it, it will place a copy in the computers memory. Simplest solution? Put a password-protected zipfile on your USB-stick :)
I are troll :)
-
Not like that. May be you have used some copy protected cd/dvd's. Which you can't copy on your system but can view/play them. Similar to this can we do the same in USB drive for a particular file. This file can't be copied to any system but can be read?
My apologies for the miscommunication, I live a bit too much on assumptions. You're looking for a protection against the software-pirates. I've had some good experiences using HASP-dongles[^] in the past. You can also try to build a protection-scheme yourself, by generating unique keys for each installation. Software-based protection is often easily bypassed by installing into a virtual machine. Another option would be to convert the application to something SaaS-based, where you're required to authenticate to the webservices, before you can access the core functionality of the application. I'm sure that there are more alternatives :)
I are troll :)
-
My apologies for the miscommunication, I live a bit too much on assumptions. You're looking for a protection against the software-pirates. I've had some good experiences using HASP-dongles[^] in the past. You can also try to build a protection-scheme yourself, by generating unique keys for each installation. Software-based protection is often easily bypassed by installing into a virtual machine. Another option would be to convert the application to something SaaS-based, where you're required to authenticate to the webservices, before you can access the core functionality of the application. I'm sure that there are more alternatives :)
I are troll :)
That is a bit silly, most if not all USB memory sticks already contain a unique ID; no need to add another device to protect them. :)
Luc Pattyn [Forum Guidelines] [My Articles]
The quality and detail of your question reflects on the effectiveness of the help you are likely to get. Show formatted code inside PRE tags, and give clear symptoms when describing a problem.
-
That is a bit silly, most if not all USB memory sticks already contain a unique ID; no need to add another device to protect them. :)
Luc Pattyn [Forum Guidelines] [My Articles]
The quality and detail of your question reflects on the effectiveness of the help you are likely to get. Show formatted code inside PRE tags, and give clear symptoms when describing a problem.
Like the volume-serial on a CD, that is readonly too. Same goes for the MAC-address, so there are multiple tokens that one can choose from. How do you check whether the embedded number is valid? I think that you'd need to phone home to verify whether the software hath been sold to a customer with a USB stick with that exact serial. CD's were easily copied. Harddisk's were easily copied too - just make an image. USB serials can be found in the registry, after the connection has been made. I don't know if that can be used to fool the system, though. So, in defense of my sillyness; Using the hardware-ID may very well be a secure and simple alternative. HASP was something that I couldn't break, without breaking the rest of my system :) Last sidenote; USB-ID's aren't as unique as GUIDS. Windows also supports sticks without a key and even generates a random number for conflicting values.
I are troll :)
-
Like the volume-serial on a CD, that is readonly too. Same goes for the MAC-address, so there are multiple tokens that one can choose from. How do you check whether the embedded number is valid? I think that you'd need to phone home to verify whether the software hath been sold to a customer with a USB stick with that exact serial. CD's were easily copied. Harddisk's were easily copied too - just make an image. USB serials can be found in the registry, after the connection has been made. I don't know if that can be used to fool the system, though. So, in defense of my sillyness; Using the hardware-ID may very well be a secure and simple alternative. HASP was something that I couldn't break, without breaking the rest of my system :) Last sidenote; USB-ID's aren't as unique as GUIDS. Windows also supports sticks without a key and even generates a random number for conflicting values.
I are troll :)
Eddy Vluggen wrote:
Like the volume-serial on a CD, that is readonly too. Same goes for the MAC-address, so there are multiple tokens that one can choose from.
Not all of them can be read by a non-admin account on Vista; and MAC can easily be spoofed.
Eddy Vluggen wrote:
the hardware-ID may very well be a secure and simple alternative
Yes, but probably more expensive than the USB stick itself.
Eddy Vluggen wrote:
phone home to verify whether the software hath been sold
Right. Phone home once and deliver an encrypted license file that from then on goes with the app on the USB stick.
Eddy Vluggen wrote:
USB-ID's aren't as unique as GUIDS
Different USB stick vendors could indeed sell devices with overlapping ID numbers. No need to be galactically unique, just reduce the probability for a match to very low (say 1 in 1000). So my USB stick is unlikely to run your licensed app and vice versa. :)
Luc Pattyn [Forum Guidelines] [My Articles]
The quality and detail of your question reflects on the effectiveness of the help you are likely to get. Show formatted code inside PRE tags, and give clear symptoms when describing a problem.
-
Eddy Vluggen wrote:
Like the volume-serial on a CD, that is readonly too. Same goes for the MAC-address, so there are multiple tokens that one can choose from.
Not all of them can be read by a non-admin account on Vista; and MAC can easily be spoofed.
Eddy Vluggen wrote:
the hardware-ID may very well be a secure and simple alternative
Yes, but probably more expensive than the USB stick itself.
Eddy Vluggen wrote:
phone home to verify whether the software hath been sold
Right. Phone home once and deliver an encrypted license file that from then on goes with the app on the USB stick.
Eddy Vluggen wrote:
USB-ID's aren't as unique as GUIDS
Different USB stick vendors could indeed sell devices with overlapping ID numbers. No need to be galactically unique, just reduce the probability for a match to very low (say 1 in 1000). So my USB stick is unlikely to run your licensed app and vice versa. :)
Luc Pattyn [Forum Guidelines] [My Articles]
The quality and detail of your question reflects on the effectiveness of the help you are likely to get. Show formatted code inside PRE tags, and give clear symptoms when describing a problem.
Luc Pattyn wrote:
Not all of them can be read by a non-admin account on Vista; and MAC can easily be spoofed.
That's why we ended up with Dongles. I didn't know that Vista also protected the serials from non-admins.
Luc Pattyn wrote:
deliver an encrypted license file that from then on goes with the app on the USB stick
..and protect that file, otherwise people will copy it along with the application itself. I'd rather see the application phone home multiple times, during each run of the application.
Luc Pattyn wrote:
No need to be galactically unique
Agreed, that would be extreme. I just tried it, and it seems that you can easily change the USB-ID in the registry, but that won't fool the system. It seems that the days of the dongle have somewhat passed :)
I are troll :)
-
Luc Pattyn wrote:
Not all of them can be read by a non-admin account on Vista; and MAC can easily be spoofed.
That's why we ended up with Dongles. I didn't know that Vista also protected the serials from non-admins.
Luc Pattyn wrote:
deliver an encrypted license file that from then on goes with the app on the USB stick
..and protect that file, otherwise people will copy it along with the application itself. I'd rather see the application phone home multiple times, during each run of the application.
Luc Pattyn wrote:
No need to be galactically unique
Agreed, that would be extreme. I just tried it, and it seems that you can easily change the USB-ID in the registry, but that won't fool the system. It seems that the days of the dongle have somewhat passed :)
I are troll :)
Eddy Vluggen wrote:
I didn't know that Vista also protected the serials from non-admins.
The harddisk serial number, the real one, not the soft volume number, is not accessible. Baseboard ID is accessible, but that one can get erased/modified by tweaking the BIOS.
Eddy Vluggen wrote:
the days of the dongle have somewhat passed
IMO the expense of a dongle is only justified if you need (part of) the protection code be resident (and maybe executed) inside a tamper-proof device (rather than in reflectorable .NET code); however that would apply to expensive software only. :)
Luc Pattyn [Forum Guidelines] [My Articles]
The quality and detail of your question reflects on the effectiveness of the help you are likely to get. Show formatted code inside PRE tags, and give clear symptoms when describing a problem.
-
Eddy Vluggen wrote:
I didn't know that Vista also protected the serials from non-admins.
The harddisk serial number, the real one, not the soft volume number, is not accessible. Baseboard ID is accessible, but that one can get erased/modified by tweaking the BIOS.
Eddy Vluggen wrote:
the days of the dongle have somewhat passed
IMO the expense of a dongle is only justified if you need (part of) the protection code be resident (and maybe executed) inside a tamper-proof device (rather than in reflectorable .NET code); however that would apply to expensive software only. :)
Luc Pattyn [Forum Guidelines] [My Articles]
The quality and detail of your question reflects on the effectiveness of the help you are likely to get. Show formatted code inside PRE tags, and give clear symptoms when describing a problem.
Luc Pattyn wrote:
IMO the expense of a dongle is only justified if you need (part of) the protection code be resident (and maybe executed) inside a tamper-proof device (rather than in reflectorable .NET code); however that would apply to expensive software only.
You are right, off course :) I only used it in the past in conjunction with Delphi, for an enterprise-level application. Just found several software emulators and workarounds for the old HASP, so it is even questionable if the more expensive solution also offers a better protection.
I are troll :)
-
Not like that. May be you have used some copy protected cd/dvd's. Which you can't copy on your system but can view/play them. Similar to this can we do the same in USB drive for a particular file. This file can't be copied to any system but can be read?
Hum Dum wrote:
Which you can't copy on your system
Oh yes you can. There is nothing preventing you from copying the stuff on the CD to another drive. You just can't run the app because of the copy-protection scheme built into the applications code. Think about it. If you deny reading a device that has your application on it, how are you going to READ THE .EXE into memory to run it??
A guide to posting questions on CodeProject[^]
Dave Kreskowiak Microsoft MVP Visual Developer - Visual Basic
2006, 2007, 2008modified on Wednesday, May 13, 2009 3:29 PM
-
Is there any way by which i can make USB drive read-only i.e no one can copy from USB drive. Data cannot be copied from my USB drive on any system, can this be done? regards
I have used a solution to make a stick not only write protected [you cannot delete or format the files off] but also copy protected the files so they cannot be copied then used. The solution doesn't work for every file type, but hits the majors, liek PDF, SWF, exe and some others. http://www.nexcopy.com/usb-secure-flash-drives is the page with info. Bumber that it does require you to use their sticks...