Does any hardware of the PC have unique number/address except the network card address, so that the computer can be uniquely identified? If so how to obtain that address. Can I make my application copy protected in this way?
Does any hardware of the PC have unique number/address except the network card address, so that the computer can be uniquely identified? If so how to obtain that address. Can I make my application copy protected in this way?
Well, this is a real difficult question.
There are a lot similar questions in this forum and many of the answers
suggest use CPUID assembly instruction to get the CPU serial number.
Also there is a WMI function (don't know which one) that returns a "CPU serial number".
Just I want warn you to gain time: the actual AMD/Intel microprocessors do not support
the serial number feature
Take a look in this thread:
http://www.codeguru.com/forum/showth...390#post706390
another way is (and i'm using that) to read the motherboard loading program (that is a program ROM-BootStrap i guess) that executes what you saw when you restart your computer...
this program starts at 0x000fe000 in physical memory, and should contain in it and the motherboard serial number (because it is showed on computer startup)
so you can build a CRC on this and...there you have it...
also, you can combine this with another method, but currently i'm using this and i'm pretty satisfied...
DANI
PS : salut Ovidiu, eu sunt din Bucuresti :)
Could you guide me on how I can do that please? What instructions do I use, which header/lib etc?Quote:
Originally posted by iq0
this program starts at 0x000fe000 in physical memory, and should contain in it and the motherboard serial number (because it is showed on computer startup)
This question is asked occasionally in this forum but when it is asked it usually gets many answers and grows quite large. So if you can find previous answers you will have plenty to read.
There is not an easy solution. Programmers have been attempting to protect their code since before the original IBM PC existed. The PC environment has still not developed a useful and practical solution. There might be something being developed by Microsoft and other companies but I forget the name of the project.
You probably mean TCPA / Palladium, an initiative by the M$ / Intel Mafia which is currently heavily discussed...Quote:
Originally posted by Sam Hobbs
There might be something being developed by Microsoft and other companies but I forget the name of the project.
Another frequently used method (for machines with an ethernet adapter) is using the worldwide unique MAC address.
i guess that this protection method is pretty interesting...
here is what i was thinking of :
the program must be build to be registered or unregistered
in unregistered mode it does not had some functionality, but witch is still in the exe, the programmer simply passing over it...that part of the program should use a structure with some structure with some vital data, witch is encrypted...
and now comes the interesting part...
the user that want to register, selects an option and builds a file that contains the motherboard loading program (Rom BOOTSTRAP)...the programmer has that structure that i was talking early unencrypted, and with the file that he is receiving, he builds a CRC of some sort, then encrypts the structure with that CRC in a nasty way...then sends the ".KEY" file to the user, witch places that file in the program directory...
the program must be build in such way, that searches for that file on every startup, so it knows it should be registered or not...when he sees the ".KEY" file, then it loads the file, reads the same motherboard loading program, builds the same CRC on it, decrypts with this key the file, and enables all the functionality that was not active...when the user is using that functionality, if the ".KEY" file is not good, then the program would use some other data than it should be...so it falls down...
i know that it can be cracked (i don't know how easy because i'm not good at all in that stuff), but with some ugly algorithms...whi knows...
i hope this is useful to somebody...
aaa....i almost forgot...there is a link to a post of mine that contains a program with source to read that data for win9x/me/2k/nt/xp...
the only limitation is that on NT/2K/XP platforms, the program should be started with an administrator account...you'll see...
The problem with protections like that is that someone with some time on his hands can either:
- try to figure out how your keys are generated (which, in many cases is not that difficult) and then generate a valid key himself
- look for the protection code in your program's executable and replace it by something like mov ax, 1 (indicating that the license is valid) and ret to exit the function.
To guard against 1) is the first step, so you want to have a pretty difficult key generator. Many protection systems already fail there. To guard against 2) is pretty much impossible, you can only make it very very hard for someone uniniated.
For the OP's question, you can also use the MAC address of the network card, of course, provided the computer has a network card attached. This being said, generating an unlock key based on the current hardware configuration can be very annoying to users. If your harddisk fails and you have to replace it, you'll get a new HD serial number and hence you will have to prove to the software manufacturer that you are actually using the software laffully and that they should give you a second unlock code. I had a problem like that when I bought a student version of Mathematica and upgraded my computer one component at a time over a year (I didn't want to spend too much money, so I just upgraded as necessary). Asking them for a new code again and again wasn't easy nor were they being very helpful, since they probably assumed that I was trying to install it on tenty different computers ;)
One efficient and widely used solution for software protection can be found here:
http://www.ealaddin.com/hasp/default.asp?cf=tl
You see, ovidiucucu, I'm a complete cheapskate and it would be nice if I could find a really good way thats completely free. :DQuote:
Originally posted by ovidiucucu
One efficient and widely used solution for software protection can be found here:
http://www.ealaddin.com/hasp/default.asp?cf=tl
I'm serious.
Isn't that a dongle ?
Dongles are pretty good both at protecting software and infuriating customers who can't install the drivers correctly ;)
I have heard the (strange) terms "dongle" and "hasp" used in the same contexts and I see the URL has "hasp" in it.Quote:
Originally posted by Yves M
Isn't that a dongle ?
HASP = Hardware Against Software Piracy :p
Almost 100% right but it seems being a typing error: one single word is missing:Quote:
Originally posted by Yves M
Isn't that a dongle ?
Dongles are pretty good both at protecting software and infuriating customers who can't install the drivers correctly
Dongles are pretty good both at protecting software and infuriating unauthorized customers
who can't install the drivers correctly
I'm not sure about this HASP solution, but I do know that a sizeable portion of legitimate users have problems with legitimate dongles. That goes from parallel port dongles that don't work with certain printer types to USB dongles that will (obviously) not work on NT4, or versioning problems, or problems with people who have non fully-standard USB ports (the early USB support on motherboards...) etc. In addition to that, dongles have a more or less limited life span (depending on whether the user uses it as a key-chain or not ^^). I'm just saying this to emphasize that it is not "the saviour" solution to copy-protection.
It's better than pure software protection, but there are cracker programs that are targeted against specific dongle producers. That means, if you happen to use the same company, your software is unfortunately cracked before it was even written.
wOOt now I have to chime in...the startup company I use to work for (in talks with amd/intel/saic (how did you forget saic there gstercken?) was the only company in direct competition with mickeysofts pallidum effort (that I know of)...key was, we provied a software only solution...thus my driver experience....needless to say we were to ambitious...and investment at the time the stock market was tanking was not there. MickeySoft will F this up again, I await to snicker.
But I do agree, we were ambitious, software only solution would require much much co-op with mickeysoft, of which we had none of course, but not withstanding that, the only way, can I say only way again, to defeat piracy is to tie the keygen to hardware or to make a truly secure OS (and mickeysoft has so much experience in that)
/End of rant...you may continue..
If dongles were effective at protecting software from use by unauthorized use only then they would be used much more than they are.
so..pretty stupid, ha ?
i forgot to put the link...
http://www.codeguru.com/forum/showth...hreadid=248720
so a pretty thing about the protection using my described method, is that it mangles data...the program is still running, but isn't running right...
in one of my software where i've implemented this, when the program writes to disk some data, it writes with a size equal to "correct_size + decrypted_struct[0]", so if decrypted_struct[0] is not 0, then...
this is a simple way, but you can embed it where you want...
and of course it is crackable...any software is...
And we will be dancing, a dancing in the streets...we will be dancing a dancing in the streets.Quote:
Originally posted by iq0
and of course it is crackable...any software is...
Another thread where people will spout off about everything you can find when you overturn the rocks in the stream. Until the industry changes nothing will change, and we can blow all the hot air we want to about it....
But I'll still be dancing...a dancing in the streets...
When do you think your software will be secure? When you take control out of the users hands. When will that happen? Never, unless the world wants to turn into a facist police state, not gonna happen.
well maybe....
/tHe MaTrIx
/End of rant..can we continue..?Quote:
Originally obviously posted by Mick_2002
"I claim this planet in the name of Mars. Hmmm. Isn't that lovely, hmmm?"
"At last, after 2000 years of work, the Illudium Q-36 Explosive Space Modulator"
"The Earth? Oh, the Earth will be gone in just a few seconds."
"Where's the kaboom? There was supposed to be an Earth shattering kaboom!"
Delays...Delays...Quote:
Originally posted by ovidiucucu
/End of rant..can we continue..?
Well, what can I say more... Just kaboom++Quote:
Originally posted by Mick_2002
Delays...Delays...
Quote:
Originally posted by ovidiucucu
Well, what can I say more... Just kaboom++
Code:while(1){
kaboom++;
}
Is this the first successfully infinite loop you have written?Quote:
Originally posted by Deniz
Code:while(1){
kaboom++;
}
So you can enjoy also with kaboom--, kaboom,kaboom, and even with no kaboom.
Notice you got your wish. The rants continue.Quote:
Originally posted by ovidiucucu
/End of rant..can we continue..?
If you did not want the rants to continue, then you would not have posted this.
Actually, this is one of those questions that always degrades to rants.
You kidding???? and what...hmm you posted what??? it would have died but you just had to post Sam ...heh hehQuote:
Originally posted by Sam Hobbs
Notice you got your wish. The rants continue.
If you did not want the rants to continue, then you would not have posted this.
Actually, this is one of those questions that always degrades to rants.
Quote:
Originally posted by ovidiucucu
Is this the first successfully infinite loop you have written?
So you can enjoy also with kaboom--, kaboom,kaboom, and even with no kaboom.
Code:
while(1){
for(;;){
kaboom*=kaboom;
}
}
Quite true. So let's make peace,Quote:
Originally posted by Sam Hobbs
Actually, this is one of those questions that always degrades to rants.
forget "Is it possible to uniquely identify a PC by means of hardware?" and go there...
http://www.codeguru.com/forum/showth...hreadid=262296
If it truly was destined to die then I apologize. Notice that my reply was less that half an hour after the previous reply. I would not have replied if this thread had not been on the first page.Quote:
Originally posted by Mick_2002
it would have died but you just had to post Sam ...heh heh
Well in hasp the way it works is u store something on the hasp key and the programs checks for it to make sure its licensed.
The problem is still the same , if some one wants to crack it they will.
So if your software is so good that their are people trying to crack it just hopethat it becomes popular also that some will buy it as well.
As far as DRM / Palladium goes there already have been papers presented which show that even it can be taken care off.