What is the best folder for a secret file? - Level Extreme

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

What is the best folder for a secret file?

Message

From

28/04/2005 15:48:05

Terry Thurber
R6Solutions
Houston, Texas, United States

To

28/04/2005 15:02:44

Greg Green
Independent Developer
Lincolnton, Georgia, United States

General information

Forum:

Visual FoxPro

Category:

Coding, syntax & commands

Title:

Re: What is the best folder for a secret file?

Miscellaneous

Thread ID:

01009067

Message ID:

01009423

Views:

15

Thanks!

The application has a startup that looks for a specific file in the runtime folder. When the file is "seen" (it is a disguised DBF), an internal routine will open it and update "configuration" fields in the "system" file. THese fields include emcrypted dates and serial numbers. The openndate will extend their activation or accomodate an annual renewal.

Do your apps require an annual licensing fee?

Should the user email me through the apps "contact" dialog - configuration information is forwarded (much like the error reporting system) to me. I would, in those cases, look at the report and return the disguised DBF to free the resource.

I really like your registry scheme - thanks.

>I would not use a secret file -- too easily tracked with off-shelf installer trackers. Placing a single value in registry is better, but still can be cracked by good users. Also, how do you provide for legitimate re-installations?
>
>I have a table that is included in the project (adds to the exe at build) with an internal key and an external key. On first execution of the program, a random record is selected in the table; the external key is recorded (via encryption) into the registry and then displayed in a "Registration" dialog (form). They will provide to me the external key in which I return the internal key for them to enter. Both keys validated against the internal table and are then stored combined via encryption.
>
>The program at each startup reads the registry to get the stored key:
>
> * if only the external key is stored, then the program runs in demo;
> * if both keys are stored, then a check is made against the internal table for
> validity; if invalid (meaning hacked) then the program notifies user of invalid
> key and runs in demo;
>
>You can also store PC specific info (such as harddrive serial) into the encrypted string to prevent the key from being copied to another PC. This all depends on how much you want to trust your users. If a re-installation is required, then you can easily email them a new internal key for the new external key.

Imagination is more important than knowledge

Click here to load this message in the networking platform