Security a la Palladium ¿? ;)
-
Hi! After months, and months of architecting, programming and debugging we have finished our first multimedia educationnal software! Great!!! :-D ...*But*, security is lacking.. ************************** Can what follows be done, and how please!?? 1- Get a C# Windows Service installed silently (before the normal installation of the software) that gathers the components' names of the target computer (where the software is installed) 2- Converts those components' names into a string (like, a GUID, sort of...) then sends it to our web server, encrypted. 3- Our web server then sends back a DLL (or something!.. whatever..!) that is incorporated with the software that is installed. 4- Every time the application starts, it checks for the Windows Service' string (or unique computer signature) to verify that it matches the DLL that our Web server sent. DONE! is this possible, or secure?? How can i do that? I'm fairly proefficient in C# (which is in what our app is written), and to know how to do this kind of security would be great. ps.: have any ideas on this method? thanks! Antoine Dubuc Orchus Technologies This by our hands that dream, "I shall find a way or make one!" great quote heh? This by our hands that dream, "I shall find a way or make one!" great quote heh? ;)
-
Hi! After months, and months of architecting, programming and debugging we have finished our first multimedia educationnal software! Great!!! :-D ...*But*, security is lacking.. ************************** Can what follows be done, and how please!?? 1- Get a C# Windows Service installed silently (before the normal installation of the software) that gathers the components' names of the target computer (where the software is installed) 2- Converts those components' names into a string (like, a GUID, sort of...) then sends it to our web server, encrypted. 3- Our web server then sends back a DLL (or something!.. whatever..!) that is incorporated with the software that is installed. 4- Every time the application starts, it checks for the Windows Service' string (or unique computer signature) to verify that it matches the DLL that our Web server sent. DONE! is this possible, or secure?? How can i do that? I'm fairly proefficient in C# (which is in what our app is written), and to know how to do this kind of security would be great. ps.: have any ideas on this method? thanks! Antoine Dubuc Orchus Technologies This by our hands that dream, "I shall find a way or make one!" great quote heh? This by our hands that dream, "I shall find a way or make one!" great quote heh? ;)
What do you need the list of installed components for? Are you looking for a way to secure your application from illegal copies. If you are, take a look at this wonderful licensing solution : http://www.xheo.com/products/licensing/default.aspx[^]
-
Hi! After months, and months of architecting, programming and debugging we have finished our first multimedia educationnal software! Great!!! :-D ...*But*, security is lacking.. ************************** Can what follows be done, and how please!?? 1- Get a C# Windows Service installed silently (before the normal installation of the software) that gathers the components' names of the target computer (where the software is installed) 2- Converts those components' names into a string (like, a GUID, sort of...) then sends it to our web server, encrypted. 3- Our web server then sends back a DLL (or something!.. whatever..!) that is incorporated with the software that is installed. 4- Every time the application starts, it checks for the Windows Service' string (or unique computer signature) to verify that it matches the DLL that our Web server sent. DONE! is this possible, or secure?? How can i do that? I'm fairly proefficient in C# (which is in what our app is written), and to know how to do this kind of security would be great. ps.: have any ideas on this method? thanks! Antoine Dubuc Orchus Technologies This by our hands that dream, "I shall find a way or make one!" great quote heh? This by our hands that dream, "I shall find a way or make one!" great quote heh? ;)
Orlanda Ramos wrote: Get a C# Windows Service installed silently ... that gathers the components' names of the target computer Silently install a possibly public web service? No, thanks. Orlanda Ramos wrote: ...sends back a DLL... Another silent installation of executable code? No, thanks. Your application might be safe to sell for you, but the user is at the whim of your company, your code security and every hacker on the 'net, because you introduced a slew of security holes. If any application would do this kind of dangerous, annoying and extensive license verification, it's probably not worth using. Ironically, Windows XP introduced seemingly similar techniques. But at the heart, they are different.