Thread: control your application whenever u decide, make it not working anymore

  1. #1
    Registered User
    Join Date
    Sep 2012
    Posts
    11

    control your application whenever u decide, make it not working anymore

    i want to add some lines of code , which make it possible , whenever i want my application not work anymore (my application is connecting via internet) so i have idea for this purpose , i could upload a specific file in my host , ie : www.my_dummy_host.com/control_my_app.txt

    and then in my source code i could write an control line , that will check if above link exists , continue , if not exists then exit the program. therefore whenever i want to make my app not working (expire) , i could remove that file from my host. my questions are:

    1. Does anybody have any better alternative idea?

    2. if not (if my idea is best) , how could i implement checking a file in a host with c programming? could u please write me the code?

    Thanks in advance
    Last edited by pooyair; 09-29-2012 at 02:39 PM.

  2. #2
    Registered User
    Join Date
    Sep 2012
    Posts
    357
    1. Don't! Really, don't lock your application with software. If you must: lock it with lawyers.

  3. #3
    Registered User
    Join Date
    Sep 2012
    Posts
    11
    @qny , though , i did not ask about advice ( i was talked about idea , techinical solution ) , but tnx for posting your social advice!

    @all
    does anybody know , any sample link , example code in c programming for this purpose , to clarfiy my first post , i am seeking to add somehow license to my application , i mean , at anytime i decide that my app not works anymore for my client , i could delete the file from my host , so my application will be exited and not works , and when i change my mind that works , then i could again reupload the file ...
    Last edited by pooyair; 09-29-2012 at 03:34 PM.

  4. #4
    Registered User ledow's Avatar
    Join Date
    Dec 2011
    Posts
    435
    Why do you need example code of this specifically? Just find a library that allows you to download files from URL's, (e.g. curl, etc.) and gives an error when they are not present, and then use that to perform the exact thing you want to do. It's literally a ten-line piece of code and a ten-minute search on Google. If you can't find something that works yourself (or could be made to work), it makes me wonder what on EARTH you would ever write that I would subject myself to such copy-protection for.

    But any such idea will be immediately bypassed by anybody with even half a brain within seconds, and just make people hate your software, to be honest.

    What if your website goes down? What if you forget to renew the domain? What if the website is filtered or blocked accidentally by the company who bought the software? What if the Internet connection goes off and the company can't run your software? What if you get someone running thousands of copies of the software (which isn't taken account of by your system AND would flood your website if anyone did it)? What if you code it badly and it just doesn't work?

    I am writing a game at the moment, which I intend to push for professional distribution of. As part of that, I wrote my own copy protection mechanism based on DNS records and X.509 certificate verification (including individual revocation of client certificates, licence expiry etc.). To be honest, I don't see it ever being used or implemented but it was a fun thing to code and took less than 24 hours to complete. It's really not that hard to do a decent job of it, but I know - even being the person that wrote it and designed that part specifically to make it difficult to work around - that someone with a modicum of experience and debugging tools would work around it in minutes if they were determined to.

    I work in schools and, being a programmer on the side, I'm often asked to work around programs that try things like this. I've seen everything from online activation, to key generation dependent on system MAC addresses, to license verification done by hidden bytes in hidden sectors on a special master floppy disk that you HAVE to use to license computers individually (and how many computers even have a floppy drive any more?), to specialised expensive dongles by top-name companies. Every single one of them was worked around in an afternoon (but we never did, nor wanted to do, anything that breached the actual license we'd bought - just working around crappy copy protection that stopped us doing perfectly legitimate things, like work when the Internet goes off, or work when the floppy dies and the company does NOT send replacements). Literally, not one copy protection, mainstream nor unique customised handmade code, lasted longer than an afternoon without being able to be cracked so we could get rid of the restrictions. And every single one of them, we complained to the manufacturer and found alternatives when they were uncooperative.

    Think what you are trying to achieve with this copy protection, and the impact it would have on your customers image of you should it go wrong. Because you're likely to do a lot more damage than anything else, and for little gain, and I assure you nothing you write will be "uncrackable" (hell, most of the professional stuff barely lasts a week before it's cracked!) by anybody who was determined to work around it. And if you can't even work out how to do it in five minutes of thinking and a quick Google, I'd be shocked if the code you end up with ever worked as intended.

    But, most of all, if you think your code would be valued that much that people would tolerate such horrendous and amateur copy protection, I really think you're kidding yourself.

    - Compiler warnings are like "Bridge Out Ahead" warnings. DON'T just ignore them.
    - A compiler error is something SO stupid that the compiler genuinely can't carry on with its job. A compiler warning is the compiler saying "Well, that's bloody stupid but if you WANT to ignore me..." and carrying on.
    - The best debugging tool in the world is a bunch of printf()'s for everything important around the bits you think might be wrong.

  5. #5
    Registered User
    Join Date
    Sep 2006
    Posts
    8,868
    I don't know much about this, but clearly if you use this design, your application can't be used whenever the user is off-line, your server is down, etc.

    There has been a lot of work done with user authorization, but it has more to do with legalities, than with writing code.

    I would suggest if you use this kind of a scheme, then make it flexible. Require the authorization on-line, only once per week or per month.

  6. #6
    Registered User
    Join Date
    Sep 2012
    Posts
    11
    @ledow
    first , thanks for reply,
    Well i knew , that i could use curl lib ... the reason that i had created this thread was mostly to get better idea as mine , i am looking for any algorithms on copy protection , more desire to see the source code ... u are right that the first thread idea is not the best , and it could simply be crackable , i knew it myself , it's not the best , but probably the easiest one to implement,
    but i am looking for any link , which could describe me better copy-protection algorithms.

    regarding your points about what if it's website goes down , ... maybe a work-around is setting more than one file in different hosts , ie 5 files , in 5 different domains , and write the code as if , one of them exits , the app run , but if none of them would not exits , then exit the program... therefore it's no matter , if i forgot to renew one of those domain , since others would do the job simultaneously.

    anyway ,still i am really interesting to see best idea on copy protection algorithms more rather to see sample code for copy protection...
    i had google to get some copy protection c programming sample code with no succeed , if u or any other guys , had already written any copy protection code , would really appreciate to share with me ,i will give u my email , if u do not want to post it in public
    Best Regards.
    Last edited by pooyair; 09-30-2012 at 06:27 AM.

  7. #7
    Registered User ledow's Avatar
    Join Date
    Dec 2011
    Posts
    435
    Because, if you give away the code to a copy protection mechanism, then it's in the open and it becomes easy to work out what it does.

    Unlike encryption, which is a totally different mechanism, copy protection is ENTIRELY "security through obfuscation" (which means that it's secure as long as nobody knows about how it works). Encryption, for example, works by distributing "boxes" that everyone knows how they work, but never giving the "keys" to an untrusted user (i.e. your customer). But with copy-protection, because of the REQUIREMENT that you have to give the end user not only all the "boxes" of your program but all the "keys" too for them to run it (if you can ever run the program, it means you've been given the keys to the box), copy protection can never be secure. All of the security of a copy protection mechanism is in the source code to it. If you see the source, you can crack the protection much more easily (as opposed to message encryption where you can see the source and STILL be no closer to cracking the encryption because you have no keys).

    So you won't find much copy protection code. Not only because copy-protection is poor, and unlikely to be included in any program that publishes code, but because all the secret parts are IN the source code. If I gave you the source code to, say, my copy protection system, you would be able to work around it in a matter of seconds. Without it, it might take a few days. That's all that copy protection does, slows you down a little by making things unnecessarily complicated and obscure. It's like hiding your front door key under a stone in your garden. It's more "secure" than leaving your door unlocked but the second that someone knows how your system works, they aren't hindered by it at all.

    There are no copy protection algorithms, as such. It's all just different ways to make things difficult for someone wanting to run the program without your permission. You could make it reliant on a file on your webserver, you can make it dependent on a certain "CD-key", you can make it dependent on a particular combination of the users hardware (e.g. their MAC address, processor serial number, something written into a special place on the install CD etc.), you can make it reliant on being "logged in" to a server elsewhere, you can make it reliant on there being a particular piece of hardware present. What you *can't* do is ever let anyone know how it works, or expect it to beat a determined, knowledgeable person (not even a "hacker", just someone who has a reason to defeat the copy-protection and some knowledge of how computers work is sufficient - I wrote my first "copy-protection removal" tool when I was a teenager, never distributed it to anyone, but it wasn't hard to beat the copy protection even at that age).

    If you really want a look, I wrote something on my blog a while back: Ledow Land - Copy protection with OpenSSL

    But it's deliberately vague and not very useful precisely because a copy-protection system is just a way to make things obscure.

    - Compiler warnings are like "Bridge Out Ahead" warnings. DON'T just ignore them.
    - A compiler error is something SO stupid that the compiler genuinely can't carry on with its job. A compiler warning is the compiler saying "Well, that's bloody stupid but if you WANT to ignore me..." and carrying on.
    - The best debugging tool in the world is a bunch of printf()'s for everything important around the bits you think might be wrong.

  8. #8
    Registered User
    Join Date
    Sep 2012
    Posts
    11
    @ledow

    your article in your blog , was very helpful for me , Big thanks
    Best wishes for u

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Cross application communication/control
    By pfct in forum Windows Programming
    Replies: 0
    Last Post: 08-04-2010, 02:21 PM
  2. ldconfig not working anymore?
    By patiobarbecue in forum C++ Programming
    Replies: 1
    Last Post: 04-22-2009, 08:11 PM
  3. Howto make own application for remote control handling
    By s-men in forum Windows Programming
    Replies: 16
    Last Post: 08-16-2008, 04:22 PM
  4. Using an OCX ( ActiveX) control in a non-MFC application?
    By abachler in forum Windows Programming
    Replies: 0
    Last Post: 05-07-2007, 08:43 AM
  5. Internal Application specific volume control
    By Azrei in forum C++ Programming
    Replies: 7
    Last Post: 01-08-2005, 06:16 AM

Tags for this Thread