|
4-19-02
Software Distribution Part 3 by
Erick Tejkowski
Today we conclude our discussion about releasing software by examining some code for protecting your software.
This time we'll look at some code to get you started on a software protection scheme.
Introduction
As I mentioned last week, there are many possible ways for you to "protect" your software.
I put "protect" in quotation marks, because in reality, your best efforts in software protection
will be thwarted. Don't fret, though. With a little creativity, you can stop casual pirates (i.e. keep the honest folks honest) and
slow down the pirates.
Code Examples
Last week we looked as some possible tools you can use to protect your software. Some of these include:
- Registration Key
- Nagware
- Partial features
- Time-limited demo
- CD-ROM required
Registration Key Perhaps the most common prevention tool is the registration key. In this scheme you issue some sort of
key to clients and customers. The user enters the key when prompted and the software is registered for use. As you might imagine,
there are many ways to approach this problem. The main idea is to make a registration key algorithm that produces
keys that are difficult to reproduce from thin air. Usually this means a string containing letters and numbers, often combined into
groups of 4 or 5 characters at a time. For example, you might construct a registration key like this:
dim name,s as string
dim code as string
dim i,v,value1,value2 as integer
//normally we'd assign this
//from an editfield or some such
name = NameKeyField.text
//we will construct a registration key
//of three groups
//that looks like this
//XXXX-XXXX-XXXX-XXXX
//1. XXXX - number of characters in the name
//2. XXXX - the sum of the ASCII value of each character
//3. XXXX - a checksum (1st set + 2nd set)
//1. we want four characters when this is all over
//so just tack on four zeroes to the name now
//we may not need it, but we'll chop off what we don't
//with the "right" statement
s = "0000"+str(len(name))
s = right(s,4)
value1 = val(s)
code = s+"-"
//2. add up all the ascii values for each character
// watch out! if the name is too long, values over 9999 will be a problem
//not a problem for most names :-)
v=0
for i=1 to len(name)
v = v+asc(mid(name,i,1))
next
s = "0000"+str(v)
s = right(s,4)
value2 = val(s)
code=code+s+"-"
//3. - calculate the checksum
s = "0000"+str(value1+value2)
s = right(s,4)
code=code+s
staticText1.text = code
This is a rudimentary example for creating registration keys, but it illustrates an important point or two. First off, there are many ways you can
combine characters and digits to form a registration key. Be creative here. Any little twist you can add will throw
the casual software pirate. Secondly, the final segment being a checksum is important. Checksums lower the probability
that a pirate can randomly produce valid keys. This stems from the fact that information in the checksum is dependent
on information elsewhere in the key. This makes it harder for the crackers that are trying to defeat your protection
by automatically generating random registration keys in search of a valid one. Some other things to consider about registration keys:
- Registration Keys are most often "cracked" by brute force methods (randomly generated keys) or legitimate users sharing their codes
- Don't permit users to attempt registration more than a few times. After 3 or 4 failed attempts, force the application to quit (in a friendly manner of course). This helps thwart brute force methods,
because the pirate has to repeatedly restart your application to try more keys.
- Don't tell anyone your registration scheme (duh!)
The above code showed you how to create a registration key. To use the key, simply test it in reverse.
dim key,name,s as string
dim group1,group2,group3 as string
dim i,v as integer
key = KeyField.text
name = NameField.text
if len(key)<>14 then
MsgBox "Invalid key"
return
end if
group1 = mid(key,1,4)
group2 = mid(key,6,4)
group3 = mid(key,11,4)
//test group 1
if len(name)<>val(group1) then
MsgBox "Invalid key"
return
end if
//test group 2
v=0
for i=1 to len(name)
v = v+asc(mid(name,i,1))
next
s = "0000"+str(v)
s = right(s,4)
if s<>group2 then
MsgBox "Invalid key"
return
end if
//test group 3
if val(group3)<>(val(group1)+val(group2)) then
MsgBox "Invalid key"
return
end if
MsgBox "Valid key"
Conclusion
We've looked at some of the issues you are up against when trying to sell software, but when it comes down to it creativity, fortitude, and good code
are your best weapons. You can download the code used in this tutorial to help you get started. Have fun and see you next week!
4-16-02
REALbasic News
by
Erick Tejkowski
Cosgrove's Cogs
Will Cosgrove has been busy lately. He has released a new Speech plugin which gives you text-to-speech abilities as well as speech recognition.
He also posted an update to his Round Button and Rounded Bevel Button plug-ins. These plug-ins allow users to create real round navigation buttons
and rounded bevel buttons under Mac OS X and are compatible with OS 8.5 and higher.
You can get all the above items here:http://homepage.mac.com/everyday/code/
StringStuff Plug-in
Version 3.1 of the string stuff plugin has been released.
This version fixes all known bugs. Adds a lot of speed improvements all
over and adds new features. It is available here.
Daytime Protocol Socket Class
John Balestrieri has posted a Daytime Protocol Socket Class on his web site.
The project contains a reusable class and some demo code. Together,
they will connect to one of several time servers to retrieve following
information:Modified Julian Date, Year, Month, Day, Hour, Minute, Second, Daylight Savings, Leap Second Code, Health, Milliseconds that NIST advances, and UTC(NIST) Label
WWDC
Going to the WWDC? Then don't miss the planned REALbasic events.
Explore the latest features and capabilities of REALbasic for Mac OS X developers at REAL Software's Lunchtime session.
Attend the REALbasic "Birds of a Feather" session to discuss issues and solve problems with your peers.
Made with REALbasic
The La Jolla Underground has announced StockittoMe 1.1, a
utility that fetches stock information from the Internet and displays
that information in a table (all stock information is delayed at least
15 minutes). StockittoMe can check multiple stocks at the same time and
can be configured to update stock information automatically in five,
ten, or fifteen minutes intervals. Multiple windows can be open at the
same time so that stocks can be easily grouped together.
StockittoMe is free and can be found here.
Wired Movies
Alfred Van Hoek has posted the latest release of his MovieWires Plugin. The plugin enables you to
create wired actions in movies.
|
