Slightly off topic : Reducing piracy/licensing etc...

TheMSsForum.com: The Microsoft Software Forum

Hi all,

I've written an application that's currently being used by 1 company, and
soon to be used by another. I was thinking the other day how as this is all
just written in ASP - ie, no .dll's or anything else, I have very few ways
to prevent anyone working at these companies taking a copy of the
application and distributing it to other people.

Whilst they'd probably need to know ASP and have a good database
knowledege - it would still be possible.

I would like to try and reduce the possibility of this happening as much as
possible. I am soon going to issue a license number to the company using
it, they will then be able to use this with their details to login to our
server for updates and so on - so I can restrict what people get that way I
suppose.

What I was wondering was whether I should take the 'login' page completely
out of the application at the clients end and put it on our own servers -
ie, they login with their username/password/license number and then get sent
back to the application at their end - but even this is not really 'secure',
plus anyone with a little ASP knowledge could just remove the security code
in the application at the moment if they really wanted too... (hehe, maybe I
shouldn't have commented the code :D)...

So, does anyone have any good ideas on how to reduce (note I dont say
prevent) the chances of my application being distributed for free etc? I
normally wouldn't be too bothered, but it took around 6 months to develop,
they've been using it since April this year and seem happy with it, and
there has been a lot more work done on it since, I'm sure it could be
better, but for me its something I'm quite proud of.

Any information would be appreciated, any URL's etc...

Thanks in advance,

Regards

Rob
Top

Re: Slightly off topic : Reducing piracy/licensing etc... by Phill

Phill
Fri Oct 31 03:40:21 CST 2003



Making the jump from well formed VBscript to an active-x DLL is much easier
than you might expect.
After reading through the following tutorial I was able to get a couple of
my VBscript functions up and running in the course of one evening..

http://www.tutorial-web.com/asp/dll/index.asp

it's really nice being able tuck away all your logic in a DLL and just
instantiate when you need to access a large chunck of code.









"Rob Meade" <robb.meade@NO-SPAM.kingswoodweb.net> wrote in message
news:xlpob.1684$lj6.7433345@news-text.cableinet.net...
> Hi all,
>
> I've written an application that's currently being used by 1 company, and
> soon to be used by another. I was thinking the other day how as this is
all
> just written in ASP - ie, no .dll's or anything else, I have very few ways
> to prevent anyone working at these companies taking a copy of the
> application and distributing it to other people.
>
> Whilst they'd probably need to know ASP and have a good database
> knowledege - it would still be possible.
>
> I would like to try and reduce the possibility of this happening as much
as
> possible. I am soon going to issue a license number to the company using
> it, they will then be able to use this with their details to login to our
> server for updates and so on - so I can restrict what people get that way
I
> suppose.
>
> What I was wondering was whether I should take the 'login' page completely
> out of the application at the clients end and put it on our own servers -
> ie, they login with their username/password/license number and then get
sent
> back to the application at their end - but even this is not really
'secure',
> plus anyone with a little ASP knowledge could just remove the security
code
> in the application at the moment if they really wanted too... (hehe, maybe
I
> shouldn't have commented the code :D)...
>
> So, does anyone have any good ideas on how to reduce (note I dont say
> prevent) the chances of my application being distributed for free etc? I
> normally wouldn't be too bothered, but it took around 6 months to develop,
> they've been using it since April this year and seem happy with it, and
> there has been a lot more work done on it since, I'm sure it could be
> better, but for me its something I'm quite proud of.
>
> Any information would be appreciated, any URL's etc...
>
> Thanks in advance,
>
> Regards
>
> Rob
>
>


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by mark

mark
Fri Oct 31 04:51:40 CST 2003

have it send an email to you with the offending ip address, web space
username and password when ever its activated. then you can log in yourself
and validate the purchase.

or slap the user

mark

"Rob Meade" <robb.meade@NO-SPAM.kingswoodweb.net> wrote in message
news:xlpob.1684$lj6.7433345@news-text.cableinet.net...
> Hi all,
>
> I've written an application that's currently being used by 1 company, and
> soon to be used by another. I was thinking the other day how as this is
all
> just written in ASP - ie, no .dll's or anything else, I have very few ways
> to prevent anyone working at these companies taking a copy of the
> application and distributing it to other people.
>
> Whilst they'd probably need to know ASP and have a good database
> knowledege - it would still be possible.
>
> I would like to try and reduce the possibility of this happening as much
as
> possible. I am soon going to issue a license number to the company using
> it, they will then be able to use this with their details to login to our
> server for updates and so on - so I can restrict what people get that way
I
> suppose.
>
> What I was wondering was whether I should take the 'login' page completely
> out of the application at the clients end and put it on our own servers -
> ie, they login with their username/password/license number and then get
sent
> back to the application at their end - but even this is not really
'secure',
> plus anyone with a little ASP knowledge could just remove the security
code
> in the application at the moment if they really wanted too... (hehe, maybe
I
> shouldn't have commented the code :D)...
>
> So, does anyone have any good ideas on how to reduce (note I dont say
> prevent) the chances of my application being distributed for free etc? I
> normally wouldn't be too bothered, but it took around 6 months to develop,
> they've been using it since April this year and seem happy with it, and
> there has been a lot more work done on it since, I'm sure it could be
> better, but for me its something I'm quite proud of.
>
> Any information would be appreciated, any URL's etc...
>
> Thanks in advance,
>
> Regards
>
> Rob
>
>


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by Rob

Rob
Fri Oct 31 07:10:12 CST 2003

"mark | r" wrote ...

> have it send an email to you with the offending ip address, web space
> username and password when ever its activated. then you can log in
yourself
> and validate the purchase.

Aye, I thought of something similar, maybe giving the license upto 3 IP
addresses for the user who's bought it etc, or just one and they can buy
more licenses for the others etc (I like the money for nothing
theory!)...but again, the user would *still* be able to remove this ASP if
they were 'o-fay' (sp?) with ASP.

> or slap the user

hehe- a slappin' sounds good ;o)

Rob


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by Rob

Rob
Fri Oct 31 07:11:21 CST 2003

"Phill Intvariant" wrote ...

> Making the jump from well formed VBscript to an active-x DLL is much
easier
> than you might expect. After reading through the following tutorial I was
able to get a couple of
> my VBscript functions up and running in the course of one evening..
>
> http://www.tutorial-web.com/asp/dll/index.asp
>
> it's really nice being able tuck away all your logic in a DLL and just
> instantiate when you need to access a large chunck of code.

I guess I could just tuck away the login stuff, and then use something along
the lines of what mark|r posted in conjunction with it....wondering now how
easy it would be for a user to circumvent the .dll though! hehe...

The joys of coding!

Rob


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by Mark

Mark
Fri Oct 31 10:40:44 CST 2003

it would probably be fairly easy to bypass the login page.

identify a section of your application that you feel is critical to it's
operation and that would not be easy to duplicate from scratch and put that
into a DLL. Check the license when that part of the application is entered.

--
Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com


"Rob Meade" <robb.meade@NO-SPAM.kingswoodweb.net> wrote in message
news:Zbtob.1904$BT7.9157784@news-text.cableinet.net...
> "Phill Intvariant" wrote ...
>
> > Making the jump from well formed VBscript to an active-x DLL is much
> easier
> > than you might expect. After reading through the following tutorial I
was
> able to get a couple of
> > my VBscript functions up and running in the course of one evening..
> >
> > http://www.tutorial-web.com/asp/dll/index.asp
> >
> > it's really nice being able tuck away all your logic in a DLL and just
> > instantiate when you need to access a large chunck of code.
>
> I guess I could just tuck away the login stuff, and then use something
along
> the lines of what mark|r posted in conjunction with it....wondering now
how
> easy it would be for a user to circumvent the .dll though! hehe...
>
> The joys of coding!
>
> Rob
>
>


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by Rob

Rob
Fri Oct 31 10:54:51 CST 2003

"Mark Schupp" wrote ...

> it would probably be fairly easy to bypass the login page.
>
> identify a section of your application that you feel is critical to it's
> operation and that would not be easy to duplicate from scratch and put
that
> into a DLL. Check the license when that part of the application is
entered.

Hello again Mark :o)

Yes, I can think of 2 vital areas without which the application is
completely pointless, but they are 'big' sections - this would require quite
a lot of work, but worth it I guess...

I suppose my next hurdle will be clients that want to use my application
that dont have their own web servers and use a hosting company which do not
allow the installation of custom .dll's :o/

Identifying this as a requirement of the application from the outset is one
thing, but I dont expect many people are likely to want to change hosts for
this - I could be wrong...

Rob


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by Mark

Mark
Mon Nov 03 10:57:28 CST 2003

If you are using JScript then you will probably have to re-code the
indicated pages to create a DLL.

There are tools that can help convert VBScript ASP pages to VB DLLs. We used
one called ASPLightning a several years ago to convert our entire
application to a DLL. I wasn't completely happy with the way the conversion
ran (the tool was in BETA at the time) so we started doing new development
on the app directly in the DLLs. If the tool is still available I expect
that it is more sophisticated now. There are also several other tools out
there I think. Check aspfaq.com.

It is also not terribly difficult to move VBScript into a DLL manually. Most
of the VBScript syntax is valid in VB.

--
Mark Schupp
Head of Development
Integrity eLearning
www.ielearning.com


"Rob Meade" <robb.meade@NO-SPAM.kingswoodweb.net> wrote in message
news:vtwob.2123$O72.11220199@news-text.cableinet.net...
> "Mark Schupp" wrote ...
>
> > it would probably be fairly easy to bypass the login page.
> >
> > identify a section of your application that you feel is critical to it's
> > operation and that would not be easy to duplicate from scratch and put
> that
> > into a DLL. Check the license when that part of the application is
> entered.
>
> Hello again Mark :o)
>
> Yes, I can think of 2 vital areas without which the application is
> completely pointless, but they are 'big' sections - this would require
quite
> a lot of work, but worth it I guess...
>
> I suppose my next hurdle will be clients that want to use my application
> that dont have their own web servers and use a hosting company which do
not
> allow the installation of custom .dll's :o/
>
> Identifying this as a requirement of the application from the outset is
one
> thing, but I dont expect many people are likely to want to change hosts
for
> this - I could be wrong...
>
> Rob
>
>


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by mark

mark
Mon Nov 03 12:01:58 CST 2003

not if the checking is a URL on your site?

mark
"Rob Meade" <robb.meade@NO-SPAM.kingswoodweb.net> wrote in message
news:Uatob.1903$Xr.9617638@news-text.cableinet.net...
> "mark | r" wrote ...
>
> > have it send an email to you with the offending ip address, web space
> > username and password when ever its activated. then you can log in
> yourself
> > and validate the purchase.
>
> Aye, I thought of something similar, maybe giving the license upto 3 IP
> addresses for the user who's bought it etc, or just one and they can buy
> more licenses for the others etc (I like the money for nothing
> theory!)...but again, the user would *still* be able to remove this ASP if
> they were 'o-fay' (sp?) with ASP.
>
> > or slap the user
>
> hehe- a slappin' sounds good ;o)
>
> Rob
>
>


Top

Re: Slightly off topic : Reducing piracy/licensing etc... by William

William
Mon Nov 03 12:12:28 CST 2003

Rob Meade wrote:
> ...
> if they were 'o-fay' (sp?) with ASP.
>

'au fait' ? - may be what you were searching for.

--
William Tasso - http://WilliamTasso.com


Top