This question already has an answer here:
How to make a WPF application a 30 day trial version, and make it licensed using product key?
(1 answer)
Closed 8 years ago.
C# 2008 SP1
I am writing an application that I want to give to a select number of customers.
What is the best solution to use so that after the trail period (1 month) the application will no longer work.
I was thinking that if they are interested in purchasing the software I will give them a license key or something, to unlock the application.
I am have a very limited budget as I am working on my own. So is there any free 3rd party products that does this?
If you go with a date-based approached, it can be circumvented by a user's setting their date back (although I doubt people do this very often). An alternative is to allow the application to be started a certain number of times before expiring; this approach obviously ignores any date changes.
My preferred method is to disable parts of the application that are critical to normal use of the program but aren't critical to its evaluation (like the ability to save your work, for example). I do this with my own software, and then send them an unlocking code unique to their computer when they purchase the full program. One primary advantage of this approach is that the installed demo functions as a potential sales tool forever. I'd rather have my program always working to some extent; I don't think a "Sorry, this program has expired" message generates many sales.
Your options:
At the installation write something to the registry, so that it is hard to find and remove later. This way your application will know when it was originally installed and whether it should still work right now or stop. This method will fail if the registry is cleaned well or if the OS is reinstalled.
Use some sort of online validation service. Will be free of the disadvantages of the [1]. Will also allow you to monitor application activity transcending the OS installation. For that to work you will need to somehow uniquely identify a user PC and transmit its signature to your server.
Here is the trick i did to stop users from playing with date/time settings and back dating the clock.
When the app runs for the first time, encrypt the first run date and end trial date and last run date in registry. And decrypt and check the end trial date and not system date from there on everytime the app runs. This solution works for users with no internet connectivity.
Write a registry key during your installation. The key will contain the date of the installation. The date in the registry key must be encrypted.
When your application is started, check for the existence of this registry key. If it does not exist close the application else decrypt the date, check the trial period and close the application if the trial is over.
The simplest solution (and as a result the simplest to circumvent) is to store the date the program is first installed (or run) in a file and then check that against the current date whenever the program is launched. If the difference is > 30 days then exit the program.
By storing the date in more obscure places or places that are harder for the user to tamper with (such as the registry) then it gets progressively harder for them to circumvent the system and get more time to use it, but doesn't stop them rewinding the clock on their PC.
If you store the date on your server and also get the date from your server then this is more secure, but does mean that the user has to have an open internet connection to use your software.
Related
I've got a small program I made to improve on simple work efficiencies. In effect it's just an application that has direct links to applications and websites, allows text input and formats it appropriately so this information to be stored and recalled quickly.
This has been running for years on our corporate machines (running Windows 7 and 8) just by emailing the .exe to myself with a password protected zip and starting it on the machine, but we're now upgrading to Windows 10 machines and these are locked down to the point where no foreign software can be ran. I know the reasons for this are security, but I am looking for a way around it or alternative way of deploying the software.
I am looking into getting the software authorised for use, but in effect this will be unlikely given how often I update and change things on it (or business changes frequently in terms of process and operation) - it would just be inconvenient.
It's a C# program. NET 4.5.
I can't get admin permission on these machines. Is there anything I can do?
Thanks!
If you cannot run untrusted applications, then instead build your solution within another product that you can use.
For example-- you can probably do all of your direct links to websites and any text input / reformatting you might need with javascript entirely within an html page. Open the .html file with your browser and there you have it.
You can also do many things with VBA scripts in Excel or Word documents.
You may also be able to use powershell to do your automation.
I am having one situation related to security and need your valuable suggestions or solutions.
So the story goes like this:
There is a Windows (consider Win 7 and above. This is an end user machine and not any server) machine and it is having 2 desktop applications. One is written in C++ and the other is written in C#.
One application emits some data as configurations which I need to save on this machine (on disk), later when another application wakes up, it will pick the configuration file and do whatever it is supposed to do.
Both the applications are 2 different application. There is no relationship between them except that they are installed on the same machine.
Now, from the security and consistency point of view, I do not want that user access this file and play with this/update it or delete it.
So my question here is what is the best way (or safest place) to secure the file on the Windows machine so that user will not be able to temper it? The amount of config data is very small - consider 3 string fields like first name, last name and age in json format.
Thanks.
Please, have patience if this question is long but I have never worked on this complex program which was developed by colleague of mine before I was recruited.
We have this web application running on .NET Framework v2.0 CLR. Anyway, this program is not natively written in C# but we must use a framework called Instant Developer which converts the code in a .NET application. The application runs in a Windows Server 2012 R2 under IIS 8 and with SQL Server 2014.
So, inside this application there is a very big directory called "photos" which contains a photo of each work a user completes. When the program was developed, our customer told us that very few photos were compulsory so my colleague thought that a unique directory was enough. But in this years the requirements have changed. Therefore, now a photo must be take for each work and so that directory today contains more than 5 millions of files. Consequently, it is not openable anymore by Windows Explorer, if I try the server blocks. Last month, our server was attacked by a crypto locker and my bosses decided to pay in order to get a decrypter otherwise our customer will ask us to pay a fine for each file which was lost. As soon as we have finished to recover our files, my boss asked to divide this huge directory into sub directories like /year/month/day. This can be easily done by a python script but the problem is that our customer registered in SAP a link to see that photo of this form
https://www.ourserver.it/applicationName/photo/file.jpg
and they told us they will refuse to change it.
So, I would like to change the path of the photo in the database and, somehow, give instructions to IIS 8 in order that when it receives a URL like the previous, it should query the database, discover the new path and then redirect the client to a new URL like:
https://www.ourserver.it/applicationName/photo/year/month/day/file.jpg
This event is not catchable by the framework we use, that's why I need to program IIS in this way.
How can I achieve this? I don't care if I have to write code, not a problem. But if this could be done reasonably without going mad I would really appreciate your help.
I'm developing a small tool that is going to be distributed via executable.
The first time it is executed I want a tutorial to be displayed. As users are supposed to copy/paste the tool to theirs coworkers it would be nice if I detect that the machine has been changed and display the tutorial again for the new user.
If I could identify the machine ID somehow I could store it (as a setting for example) and compare it at startup in order to display or not the tutorial.
Is there a way to identify somehow the current machine?
Have a look at LocalStorage - which basically stores information per user. Write a small file on startup und check for it every time. If it's there, you know the user otherwise he is new.
The Process Class has a property which indicates the machine name.
Process.GetCurrentProcess().MachineName
Edit
Or get the machine name from System.Environment.MachineName
(thanks to Andreas Niedermair for mentioning it)
I am developing applications for both Windows system(using C#) and Android phone. These applications allows user to upload data(data can be text only at present) on the server. If the user is offline, the data is saved in the respective systems locally. When the user is online, the data is sent to server in the same order as it was created. These two applications are for user's convenience so that whichever system is available to user at a particular time, the user can use that to upload the data. Now the problem is that the order of the documents in which they were created can be known for that system only which was used to create the same. Is there any way that we can get the order across the systems. e.g. The user wrote some text for upload using Android phone which was saved locally on phone because user was offline. Next time user wrote a text from Windows system which was also saved locally. Now when both are supposed to uploaded how can we know the order in which they were created.
At first, I thought of using local system time for this purpose but it can change. And in that case the order will get messed up.
I also thought of creating my own clock i.e. when the user is online it will get time for server and after that it will calculate time on its own. But I am stuck because if the system/phone is switched off, the application will not run anymore and hence lose track of time.
The next thing which follows up is to get time from system rtc. In case of Windows(C#) it is same as what we get from
DateTime.Now
which will return the current system time which can be wrong also. What is the best possible answer for this situation.
Is getting time from server and setting system's time to the same is a good idea?
I am open to suggestions, discussions and any other ideas.
You could change your synchronization process to this:
Get the server's DateTime
Get the local system's DateTime
Get the file's "last modified" DateTime
Calculate the difference between (1) and (2), minding possible time zone differences
Add (3) and (4) together to get the real "last modified" DateTime
EDIT
This simple algorithm will work only if:
The local clock has simply gone out of sync (as clocks tend to do)
The local clock was never properly configured (e.g. count started at 01/01/1900)
This algorithm fails when:
A user intentionally changes the local time settings
A user intentionally changes a file's timestamp
The question is whether the last 2 cases are really worth accounting for?