Machine ID?
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Page 1 of 3 123 LastLast
Results 1 to 15 of 36

Thread: Machine ID?

  1. #1
    Join Date
    Mar 2003
    Posts
    53

    Machine ID?

    Hi,

    Is there something like a unique machine ID that I can retrieve so I can save a file and when opened, know if it was saved on the same machine?

    I don't want people using my saved files on any other machine apart from the one it was saved on originally.

    What is the best thing to grab which is unique to each machine?

    Thanks in advance
    Jim

  2. #2
    Join Date
    Nov 2003
    Location
    Belgium
    Posts
    8,062
    Nothing is guarateed to be unique, but you can use several thing:
    - The serial number of the primary harddisk
    - The MAC address of the network card
    - Perhaps serial numberof CPU (if you can retrieve that)
    - Combinations
    But, keep in mind that this IS going to annoy your customers! Because suppose you use the harddisk serial number and the harddisk of your customer crashes and he/she installs a new HD, then he/she won't be able to open there saved files anymore.

    So I suggest, you give it a second thought and think about it if it's really required to prevent this.

  3. #3
    Join Date
    May 2002
    Location
    Germany
    Posts
    487
    Your question leads to copy protection.
    Many companies have failed in making their program unmovable.

    A hint additional to the already given ones:

    Write to the registry!

    If you write one of the unique values to the registry and afterwards compare them, it would even not be good enough to copy the registry key to the next pc.

    Other options are hardware dongels on parallel or USB port.

    But they are certainly not for free....

    Marc

  4. #4
    Join Date
    Nov 2003
    Location
    Belgium
    Posts
    8,062
    Whatever you do, you have to think about it if it's worth your time and effort, because do not forget that EVERY copy protection system can be hacked (no matter how complicated it is, no matter if it's in hardware or software, etc...)

  5. #5
    ovidiucucu's Avatar
    ovidiucucu is offline Moderator/Reviewer Power Poster
    Join Date
    Feb 2003
    Location
    Iasi - Romania
    Posts
    8,051
    Other options are hardware dongels on parallel or USB port.

    But they are certainly not for free....
    Unfortunately this is the only one good solution.
    However, if somebody wants to prevent unauthorized copies of his software
    (i.e. wants to avoid losing more money), ... must pay something for this...
    Whatever you do, you have to think about it if it's worth your time and effort, because do not forget that EVERY copy protection system can be hacked (no matter how complicated it is, no matter if it's in hardware or software, etc...)
    Well, just try hacking the dongle protection, "if it's worth your time and effort"
    Ovidiu Cucu
    "When in Rome, do as Romans do."
    Visit: Microsoft Virtual Academy
    Follow: https://twitter.com/#!/ovidiucucu
    My blog: http://codexpert.ro/blog/author/ovidiu-cucu/

  6. #6
    Join Date
    Nov 2003
    Location
    Belgium
    Posts
    8,062
    Well, just try hacking the dongle protection, "if it's worth your time and effort"
    I'm not in the 'hacking bussiness', so I have no idea how I should hack a dongle, but the fact is there are people out there who do nothing else but cracking protected software, just for the kick of it and - most importantly - to be the first that has cracked a specific piece of software. So, everything can and will be cracked. For example (among lots of other examples), 3D Studio Max had dongle protection and every single released version of 3D studio has been cracked. If i'm not mistaken, the latest 3D max release didn't even had dongle protection.

  7. #7
    Join Date
    Sep 2001
    Location
    Victoria, BC, Canada
    Posts
    363
    Anything can be cracked, it's that simple.

    We used to use dongles where I work, but dropped them in favour of a package that uses serial numbers it loads from the computer from various pieces of hardware. It makes it unmoveable from computer to computer, even renders the software unuseable if they change a hard drive, but it's just a reality they have to live with.

    It's justified though, they pay $10K for the software, they have to expect we want to protect it as much as we can.

    In practice, we rarely run into complaints with this method of protection, most people never have a problem with it. Even if they do, one phone call will get them a new unlock code so it's easy to work around.

  8. #8
    Join Date
    Jun 2002
    Posts
    395
    Is there something like a unique machine ID that I can retrieve so I can save a file and when opened, know if it was saved on the same machine?

    I don't want people using my saved files on any other machine apart from the one it was saved on originally.

    What is the best thing to grab which is unique to each machine?
    If you are writing software that you plan on selling, I would strongly advise against copy-protecting the data. Tagging the files will make it impossible to share the data between a team of people. Plus, companies buy new hardware/move software around all the time; expecting that one particular machine to be around forever is not realistic. If that machine dies, then what do I do? How do I get my data back?

    As far as unique ids:

    MAC address is good, although a NIC can be moved if it is not onboard, and virtually all network cards these days can have their MAC address set programatically, so you have to make sure you are getting the address from the EEPROM

    disk serial number is poor, it is very easily changeable

    video card/audio card is fair, these don't change much (especially in corporate environments, although companies tend to buy lots of identical machines)

    windows directory creation date is good for consumer-level software, only fair for companies (which often install machines by ghosting a saved drive image, which gives every machine the same creation date)

    registry key is good if you use a hidden registry key, although this only works on NT and later

    hardware dongles are good but are very expensive, and companies *hate* them (I've dealt with numerous companies who *will not* by software proetected with a dongle, as a matter of policy)

  9. #9
    Join Date
    Sep 2001
    Location
    Victoria, BC, Canada
    Posts
    363
    You get your data back by calling the company and getting the software unlocked on a new machine. We do that all the time. It isn't as big a deal as you think actually. It rarely causes any problems at all.

    As for people swapping hardware, that happens once every year-and-a-half or two, most people don't make a rule of swapping hard drives out or any other hardware for that matter. There's no real point unless you need it. We only get a few calls a year from people who have had to do that. In fact, I can count the number of people who call about that on two hands only, some years it's even less than that.

  10. #10
    Join Date
    Jun 2002
    Posts
    395
    Originally posted by Radius
    You get your data back by calling the company and getting the software unlocked on a new machine. We do that all the time. It isn't as big a deal as you think actually. It rarely causes any problems at all.
    I agree that getting a customer a new unlock code for their software if they get a new machine is not a problem.

    He's talking about protecting the user's data files, though, not the software. He'd have to have some way of updating the ID inside of each of the data files if they were moved to a new machine or if the machine changed.

    Plus, if you are dealing directly with some sort of system ID, there might not be any unlock codes that are provided from the vendor. It didn't sound like he was implementing an "unlock key" type of system, but rather wanted to directly protect/encrypt/whatever the data file using a system-derived ID. I don't think this is a good way to go.

  11. #11
    Join Date
    Jul 2001
    Location
    jordan
    Posts
    63
    My sitituation is similar to Radius' old situation, I work for a company that sells an expensive software package, we don't sell to 1000's , not even hudreds of companies. I'm trying to do what Radius used to do. Everyone's talking about serial numbers, but until now, no one has mentioned how to get the serial numbers.

    1- How do you get the serial numbers for the various parts?
    2- Would using MD5 algorithm be helpful here?

    thank you

    awni

  12. #12
    Join Date
    Jun 2002
    Posts
    395
    Why reinvent the wheel?

    Use a third-party product such as eLicense or CrypKey or flexLM or whatever.

  13. #13
    Join Date
    Apr 2004
    Posts
    2
    I can introduce you a software protection product, ElecKey of Sciensoft.

  14. #14
    Join Date
    Jan 2004
    Posts
    44

    Smile

    I don't want people using my saved files on any other machine apart from the one it was saved on originally.
    If you're not worried about having to support the user moving machines...you could always use CryptoAPI (it's available on all current windows platforms, it's from MS and it's free) to generate a persisted private session key and use it to encrypt/decrypt the data file.

    Be sure to give the user (or yourself) a way to export this data in some transportable format.

    The keys are unique to the user (and I think to the machine as well if you use CRYPT_MACHINE_KEYSTORE) and you can set it up so it's not exportable (i.e. the key can't be moved from the machine). Furthermore, the key can be randomly generated (even YOU won't know it) or derived from a password or data you provide. For digital signatatures, we ask the user to move the mouse around a bit and we capture some mouse positions to use as a seed to a random number generate (BBS) that a key is then derived from. How's that for unique?

    This would guarantee that the files could only be manipulated on one machine. If you want to allow the user to move machines, you could always impliment something similar to the MS activation scheme if you know you user will be connected to the internet or you could encrypt the exported data with a digital signature in a certificate you provide the user.

    I agree that copy protection doesn't work, but short of GPL the next best thing is to make it expensive for users to make copies.

    Hackers will always break protection schemes...better to send the money/effort on product improvement and providing support.
    Not having to worry about copy protection changes the distribution model for software and can be more profitable than the alternatives. I think locking down the data (depending on the app) isn't too bad a way to go.
    Last edited by The_Diamond_Z; April 15th, 2004 at 04:12 AM.

  15. #15
    Join Date
    May 1999
    Location
    Fort Worth Texas
    Posts
    614

    PC ID

    Did you ever get an answer you can use for obtaining PC or Machine ID?

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width

This is a CodeGuru survey question.


Featured


HTML5 Development Center