Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > License Enforcement

Reply
Thread Tools

License Enforcement

 
 
Spam Bait
Guest
Posts: n/a
 
      07-15-2003
Hi all.

We've been asked by a client to develop a method of license enforcement
for some software they've developed and intend to sell. Their software
is an Access app ( yeah I know ... not particularly secure, but they are
the customer ) but we intend to build some OCX objects, maybe in Perl,
and re-use parts of it in later projects in Linux.

I'm currently researching our alternatives. I have NO experience in
this, so if I say something stoopid, go easy OK?

I've already checked out some commercial implementations - none of which
are cross-platform - which isn't necessary but is a big one of our
wish-list, so I'm now looking at the option of doing it in-house.

I've pretty much decided to use a product-activation scenario, where an
installation ID is made from a combination of hardware IDs and some
other stuff we can pull from the system. This will be encrypted and sent
to the license provider ( eg via email / phone / something ) and an
encrypted activation key will be created.

Some issues with this system are:

- hardware changes mean they have to re-register ... a possible solution
is to only use the motherboard ID ( which isn't likely to change without
a re-install anyway ), though this may not be unique enough.

- users don't like product activation. I can see their point here...


Any comments / suggestions? I have done a pretty extensive search of
groups.google.com and found almost nothing on the topic.

Am I approaching this the right way?

Thanks for any help!

Dan

 
Reply With Quote
 
 
 
 
Jim Watt
Guest
Posts: n/a
 
      07-15-2003
On Tue, 15 Jul 2003 14:57:19 +1000, Spam Bait
<(E-Mail Removed)> wrote:

>Hi all.
>
>We've been asked by a client to develop a method of license enforcement
>for some software they've developed and intend to sell. Their software
>is an Access app ( yeah I know ... not particularly secure, but they are
>the customer ) but we intend to build some OCX objects, maybe in Perl,
>and re-use parts of it in later projects in Linux.
>
>I'm currently researching our alternatives. I have NO experience in
>this, so if I say something stoopid, go easy OK?
>
>I've already checked out some commercial implementations - none of which
>are cross-platform - which isn't necessary but is a big one of our
>wish-list, so I'm now looking at the option of doing it in-house.
>
>I've pretty much decided to use a product-activation scenario, where an
>installation ID is made from a combination of hardware IDs and some
>other stuff we can pull from the system. This will be encrypted and sent
>to the license provider ( eg via email / phone / something ) and an
>encrypted activation key will be created.
>
>Some issues with this system are:
>
>- hardware changes mean they have to re-register ... a possible solution
>is to only use the motherboard ID ( which isn't likely to change without
>a re-install anyway ), though this may not be unique enough.
>
>- users don't like product activation. I can see their point here...
>
>
>Any comments / suggestions? I have done a pretty extensive search of
>groups.google.com and found almost nothing on the topic.
>
>Am I approaching this the right way?
>
>Thanks for any help!
>
>Dan


although you can do all sorts of things, they are more likely
to **** off the end user of the product.

stick with an activation key based on the users name.
--
Jim Watt http://www.gibnet.com
 
Reply With Quote
 
 
 
 
Bill Unruh
Guest
Posts: n/a
 
      07-15-2003
Spam Bait <(E-Mail Removed)> writes:

]Hi all.

]We've been asked by a client to develop a method of license enforcement
]for some software they've developed and intend to sell. Their software
]is an Access app ( yeah I know ... not particularly secure, but they are
]the customer ) but we intend to build some OCX objects, maybe in Perl,
]and re-use parts of it in later projects in Linux.

]I'm currently researching our alternatives. I have NO experience in
]this, so if I say something stoopid, go easy OK?

]I've already checked out some commercial implementations - none of which
]are cross-platform - which isn't necessary but is a big one of our
]wish-list, so I'm now looking at the option of doing it in-house.

]I've pretty much decided to use a product-activation scenario, where an
]installation ID is made from a combination of hardware IDs and some
]other stuff we can pull from the system. This will be encrypted and sent
]to the license provider ( eg via email / phone / something ) and an
]encrypted activation key will be created.

]Some issues with this system are:

]- hardware changes mean they have to re-register ... a possible solution
]is to only use the motherboard ID ( which isn't likely to change without
]a re-install anyway ), though this may not be unique enough.

]- users don't like product activation. I can see their point here...


]Any comments / suggestions? I have done a pretty extensive search of
]groups.google.com and found almost nothing on the topic.

a) Any activation procedure will make your customers your enemy. Not
only do youtak e their money but thenmake them jump through hoops to use
the damn stuff. suddenly a computer goes down and not only do they have
to pay for a new one and find those damn backups, but then the program
they need nolonger works and that manual with the license number got
lost in the fire as well. One of the most precious comodities a business
can have is its customer good will, and you have just blown it to hell.
b) Physical 'Activation'-- eg the cdrom must be in the drive to run
theprogram. Better, but then that cdrom gets chewed up by a dog, and
theprogram is useless. No backups possible. Would you trust your
business to this?
c) License server. Again how well do you handle corruption, and media
loss?

You are selling service. How much are you doing the equivalent of a car
manufacturer demanding that you take the car back to detroit, even if
you live in California, if something goes wrong? Your program willhave
bugs in it, which you expect the customer to accept instad of suing the
pants off you. Treat them with some of the same consideration and
respect you ask of them.
 
Reply With Quote
 
Bill Unruh
Guest
Posts: n/a
 
      07-17-2003
Leythos <(E-Mail Removed)> writes:

]In article <bf01ip$mk6$(E-Mail Removed)>,
](E-Mail Removed) says...
]> Hi all.
]>
]> We've been asked by a client to develop a method of license enforcement
]> for some software they've developed and intend to sell. Their software
]> is an Access app ( yeah I know ... not particularly secure, but they are
]> the customer ) but we intend to build some OCX objects, maybe in Perl,
]> and re-use parts of it in later projects in Linux.
]>
]> I'm currently researching our alternatives. I have NO experience in
]> this, so if I say something stoopid, go easy OK?
]>
]> I've already checked out some commercial implementations - none of which
]> are cross-platform - which isn't necessary but is a big one of our
]> wish-list, so I'm now looking at the option of doing it in-house.
]>
]> I've pretty much decided to use a product-activation scenario, where an
]> installation ID is made from a combination of hardware IDs and some
]> other stuff we can pull from the system. This will be encrypted and sent
]> to the license provider ( eg via email / phone / something ) and an
]> encrypted activation key will be created.

]As I've read, the people are saying that your customers will hate you.
]While I'm sure that customers will be upset when they have to do an
]install in the middle of the weekend or night, if you overcome the need
]to contact you for reinstalls then it's a non-issue.

]I suggest that you follow the hardware/user ID method, then make a file
]that they can export and save so that if they have to reinstall on the
]same computer they don't need to call you. Make it so that a key is
]saved on Diskette.

]If you pick something like CPU type/speed, Hard drive, Memory, Video
]card, OS - let them change any one without a reset.

And what would be the prupose? anything someone changes teh cpu, almost
all of those are liable to change as well-- since if you are upgrading
of fixing a dodgy system you will change more than one thing. And if you
can change any of them what is their purpose?


 
Reply With Quote
 
mto
Guest
Posts: n/a
 
      07-17-2003

"Spam Bait" <(E-Mail Removed)> wrote in message
news:bf01ip$mk6$(E-Mail Removed)...
> Hi all.
>
> We've been asked by a client to develop a method of license enforcement
> for some software they've developed and intend to sell. Their software
> is an Access app ( yeah I know ... not particularly secure, but they are
> the customer ) but we intend to build some OCX objects, maybe in Perl,
> and re-use parts of it in later projects in Linux.
>
> I'm currently researching our alternatives. I have NO experience in
> this, so if I say something stoopid, go easy OK?
>
> I've already checked out some commercial implementations - none of which
> are cross-platform - which isn't necessary but is a big one of our
> wish-list, so I'm now looking at the option of doing it in-house.
>
> I've pretty much decided to use a product-activation scenario, where an
> installation ID is made from a combination of hardware IDs and some
> other stuff we can pull from the system. This will be encrypted and sent
> to the license provider ( eg via email / phone / something ) and an
> encrypted activation key will be created.
>
> Some issues with this system are:
>
> - hardware changes mean they have to re-register ... a possible solution
> is to only use the motherboard ID ( which isn't likely to change without
> a re-install anyway ), though this may not be unique enough.
>
> - users don't like product activation. I can see their point here...
>
>
> Any comments / suggestions? I have done a pretty extensive search of
> groups.google.com and found almost nothing on the topic.
>
> Am I approaching this the right way?
>
> Thanks for any help!
>
> Dan
>


Take a good look over at Extremetech at the user backlash towards Intuit and
both their tax prep software and Quicken over DRM before you proceed -

http://www.extremetech.com/article2/...1088341,00.asp


 
Reply With Quote
 
joe
Guest
Posts: n/a
 
      07-24-2003
licenses are for Local Users............

mto wrote:

> "Spam Bait" <(E-Mail Removed)> wrote in message
> news:bf01ip$mk6$(E-Mail Removed)...
> > Hi all.
> >
> > We've been asked by a client to develop a method of license enforcement
> > for some software they've developed and intend to sell. Their software
> > is an Access app ( yeah I know ... not particularly secure, but they are
> > the customer ) but we intend to build some OCX objects, maybe in Perl,
> > and re-use parts of it in later projects in Linux.
> >
> > I'm currently researching our alternatives. I have NO experience in
> > this, so if I say something stoopid, go easy OK?
> >
> > I've already checked out some commercial implementations - none of which
> > are cross-platform - which isn't necessary but is a big one of our
> > wish-list, so I'm now looking at the option of doing it in-house.
> >
> > I've pretty much decided to use a product-activation scenario, where an
> > installation ID is made from a combination of hardware IDs and some
> > other stuff we can pull from the system. This will be encrypted and sent
> > to the license provider ( eg via email / phone / something ) and an
> > encrypted activation key will be created.
> >
> > Some issues with this system are:
> >
> > - hardware changes mean they have to re-register ... a possible solution
> > is to only use the motherboard ID ( which isn't likely to change without
> > a re-install anyway ), though this may not be unique enough.
> >
> > - users don't like product activation. I can see their point here...
> >
> >
> > Any comments / suggestions? I have done a pretty extensive search of
> > groups.google.com and found almost nothing on the topic.
> >
> > Am I approaching this the right way?
> >
> > Thanks for any help!
> >
> > Dan
> >

>
> Take a good look over at Extremetech at the user backlash towards Intuit and
> both their tax prep software and Quicken over DRM before you proceed -
>
> http://www.extremetech.com/article2/...1088341,00.asp


 
Reply With Quote
 
sotwr9 sotwr9 is offline
Junior Member
Join Date: Apr 2009
Posts: 3
 
      04-28-2009
While some of these criticisms used to apply to product activation systems, the technology has improved.

Search on knol (dot) google (dot) com under 'product activation' for a couple of articles on the topic.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Enforcement of Password Change =?Utf-8?B?V2FzaQ==?= MCSE 2 02-23-2006 01:46 AM
Request for a downgrade from x64 OEM license to 32-bit OEM license =?Utf-8?B?SmVyZW15IFdvbmcg6buD5rOT6YeP?= Windows 64bit 58 09-22-2005 11:33 PM
What license to choose for Python programs? (PSF License vs. GPL/LGPL) Volker Grabsch Python 2 07-25-2005 12:06 PM
Yet another new "copyright enforcement" bill in Congress Modemac DVD Video 24 11-20-2004 07:07 PM
Pix 501 VPN License Issue - Not freeing License Jens Haase Cisco 1 01-29-2004 08:29 PM



Advertisments