kee at kagi.com
Tue Oct 11 23:16:00 CDT 2011
The common way to do this is to do a simple GET to your server. Perhaps use the unlock code as part of the URL. For example:
Log all the server connections. Once a day examine the log files to see if the same unlock code is coming from multiple IP addresses. If it is, that means that person has handed out their unlock code. If you see an unlock code that is rogue, create a text file and put it at that location on your server.
Set up your server to have a very simple short 404 message because most of your calls should get that (file not found). Make it very short and if your app receives that as a response, carry on.
Perhaps the first text file signals to those apps to report home more frequently than normal so that you can see how many simultaneous users you have. Once you know the code is stolen, change the file to a kill signal.
If your app receives a kill signal, perhaps have some message in multiple languages that lets them know that this software is just a trial version and the trial period is over. Let them know they can purchase the fully unlocked version at your web site and give them that URL.
The thing to do is to not do this check immediately when launched and to not display the message immediately after you receive it. Instead squirrel it away somewhere like in your prefs file and then later on, display it and delete the saved unlock code from the software.
My assumption with the above URL is that you are not going to have thousands of regcodes that you need to disable. If you think that might happen, take the first couple of characters and make them directories. For example, for a regcode of abcde12345 the URL might be
I understand that Apache doesn't like serving up files out of a directory with thousands of files. But odds are you will not have that many and one single directory should be enough.
If your app cannot connect to your server after some number of attempts over some number of days, perhaps put up a bogus error message and a URL that explains it (with the unlock code encoded in the URL). That will let you know whether the unlock code is out there in major use.
Finally, for each revision of your software, include some number of the unlock codes that if seen will cause the app to disable itself.
On Oct 11, 2011, at 8:17 PM, Peter Bogdanoff wrote:
> Yes, an internet connection is assumed because of streaming audio in the program.
> But how do I identify the user's computer so that no one else can use a copy of the program & serial?
> I don't see a MAC address property in LC; neither a date function that would tell me a fixed OS installation date. The machine name seems to change. The IP address will vary. So a hidden prefs file seems the thing.
> I don't know how to do that.
> On Oct 11, 2011, at 7:26 PM, Gerry wrote:
>> Or use an online method? Will your app be used in settings where a internet connection can be assumed?
>> -- photos: http://gerryorkin.com
>> On Wednesday, 12 October 2011 at 11:35 AM, Björnke von Gierke wrote:
>>> To prevent copying, do not produce anything. It's the perfect counter measure!
>> use-livecode mailing list
>> use-livecode at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
More information about the use-livecode