Author |
Message |
furjaw
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
I am adding "30 day Free Trial" code to my app.
I want to write out a file to a secret location with the first run date, etc.
Would C:/Windows/System be a good place to put it
Visual Studio Express Editions8
|
|
|
|
|
nobugz
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
No, don't mess with the system folders. C:\Documents and Settings\All Users\Application Data\Your name\Your app is hard to find too. Consider using the registry...
|
|
|
|
|
ahmedilyas
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
even then users still will be able to modify it.
|
|
|
|
|
DMan1
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
Instead of using a secret location you would be better off using an encrypted binary file that is located in the startup path of your app....Create a dependency to the file and during app startup if the file does not exist or contains invalid data then shutdown the app
|
|
|
|
|
ahmedilyas
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
there's actually been quite a few topics about this, do a forum search and you will see a few hits
Even Dman1 solution has a flaw and is not a real answer - the user can easily reflect the assembly, find the encryption algorithm and then decrypt the encrypted file and set whatever date they want back in the file encrypted - the app would be fooled in thinking it has only ran from the current date for example
|
|
|
|
|
ReneeC
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
Clearly Dman had the right answer.
Try the SecureString class. You'll be a little challenged in researching them.
Securestrings are one of the classes I won't illustrate. Everything I have that uses securestrings are ...well... a secret.
|
|
|
|
|
ahmedilyas
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
actually ReneeC I had stated why it would still be a security flaw
|
|
|
|
|
DMan1
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
| Even Dman1 solution has a flaw and is not a real answer - the user can easily reflect the assembly, find the encryption algorithm and then decrypt the encrypted file and set whatever date they want back in the file encrypted - the app would be fooled in thinking it has only ran from the current date for example |
|
For your knowledge ahmed, there is no such thing as perfect security! And I very seriously doubt that the user can "easily" find the encryption algorithym...in fact I would challenge you to do what you say is so easily done...If you would like I can send you a file and you can send it back decrypted...If you can!
|
|
|
|
|
ahmedilyas
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
Oh I know no security is perfect but its better to have some strong security in place.
Once again, I guess we have to agree to disagree :-)
|
|
|
|
|
jwooley
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
|
|
|
DMan1
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
|
Oh I know no security is perfect but its better to have some strong security in place.
Once again, I guess we have to agree to disagree :-)
|
|
SO please tell us what your solution is and what you are disagreeing with!
I guess decrypting wasn't as easy as you told the user!
|
|
|
|
|
spotty
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
Trying to write stuff into this location would fail on Windows Vista , although thats looking to the future as its a protected folder.
|
|
|
|
|
furjaw
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
>Trying to write stuff into this location would fail on Windows Vista , although thats looking to the future as its a protected folder.
THANKS FOR TELLING ME THAT!
I was planning to write out a file to c:\windows\system!
I have to write out a file to a secret location, because if the file does not exist that means that it is the start of the 30 day free trial. Otherwise, uninstalling the program and re-installing it would start the free trial all over again.
It is only the presence of the secret file that prevents use beyond the 30 days.
|
|
|
|
|
helperman
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
i suggest putting it in the program its self and make several codes that do nothing around you main code that regulates the trial!
|
|
|
|
|
SJWhiteley
|
Posted: Visual Basic Express Edition, 30 day Free Trial |
Top |
As an alternative, create a 'demo' version with limited or restricted functionality - they can use it as long as they like. If it is truly useful, provide a mechanism within the program for obtaining the 'full' version (with license number, user name, etc. However much information you feel will keep people 'honest').
There's o way to prevent a user taking the full version and copying it to ther machines short of web authentication (with it's obvious and annoying flaws) or a hardware key (with the added expense).
|
|
|
|
|
|