3

I want to make a program for some people, so i make the program again for each person, and if someone gives the program to other guy, he can't use it.

How can I do that? Without any internet connection.

Does any PC has some unique id or something like that, that i can make him a program to get it, so he will send me, and in my program i'll check if is the same, if not the program will stop.

Something like hwid will work? Is the hardware id unique and cannot be changed? If so, how can I get it? I found a lot of questions, but without any good answers..

manlio
  • 18,345
  • 14
  • 76
  • 126
Boldijar Paul
  • 5,405
  • 9
  • 46
  • 94
  • 4
    Since not even the gaming industry is able to solve this problem, after pouring millions in research money into finding a solution, nobody else will be able to, either. – Konrad Rudolph Mar 05 '14 at 10:37
  • 2
    Only thing you can do is to make it a bit annoying to bypass your protection. The question is if that's enough for you or if you need prove that it doesn't work otherwise – MatthiasB Mar 05 '14 at 10:39
  • Even the most sophisticated applications fail to deliver on that (autocad, steam, 3dmax) and that is with utilization of online element too, which makes it substantially harder, only stop the thieves for so long. – Tymoteusz Paul Mar 05 '14 at 10:40
  • 2
    You want to compile the program once for each person? I don't think you really want to do that. I would recommend using a hardware dongle. Something you plug into a USB port and without which the program does not run. They can't share the dongle. – Marius Bancila Mar 05 '14 at 10:40
  • @MariusBancila autocad tried that, back in the days when we still had COM ports on our PCs. Much to say, it failed miserably. – Tymoteusz Paul Mar 05 '14 at 10:43
  • @Puciek there are still companies using it succesfully. Especially when the target market is small, chances are high nobody's going to spend time nor money on reverse engineering it.. – stijn Mar 05 '14 at 10:44
  • @Puciek well, there is no crack-proof solution. But some of them can make it harder to crack. – Marius Bancila Mar 05 '14 at 10:45
  • @stijn you just touched 2 different topics. Just becuase no one cares to crack it doesn't mean that it's secure. Just that no one cares. – Tymoteusz Paul Mar 05 '14 at 10:45
  • yes of course. But that also means it's effective and it works. Which is the goal in the first place. – stijn Mar 05 '14 at 10:47
  • Guys, the people who will use the programs have no ideea how to make a program, or hack / bypass the security.. – Boldijar Paul Mar 05 '14 at 10:50
  • @Paul Look at manlio answer – DrakaSAN Mar 05 '14 at 10:52

4 Answers4

6

Take a look at these:

If you want something a bit harder to spoof than whatever the machine itself can tell you, you'll probably need a USB dongle dedicated for this purpose.

Community
  • 1
  • 1
manlio
  • 18,345
  • 14
  • 76
  • 126
2

There are several ways to identify a computer from where a program runs:

  1. WMI - Windows provides a set of classes that can be used for most hardware enumeration and identification tasks, which is named WMI or Windows Management Instrumentation. These are extensions to the Windows Driver Model (WDM).

  2. CPU ID - The solution that seems to be the best choice is to sample the CPU unique identification number (or CPU ID). However, there are several problems that makes it impossible to rely on reading the CPU ID.

To begin with, most CPUs with the exception of the old Pentium III, don't have a unique CPU Serial Number. Intel has removed this feature for privacy reasons.

It is still possible to generate a unique ID from the motherboard as a whole. That certainly works but the huge number of different types of motherboards and manufacturers makes it next to impossible to generate a unique ID that will cover all of them.

  1. MAC address based hardware ID The next choice for obtaining such a unique ID would be sampling the MAC address. To begin with, what is the "MAC address"? It stands for Media Access Control. The MAC address is 48 bits long (6 bytes). The GetMACAddress code sample explains how to obtain the MAC address.

However, there is one problem with this approach: the MAC address can be easily changed into a new one...

  1. Hard Drive serial number It seems that the only reliable solution for obtaining a machine ID would be using the serial number of the main Hard Drive. The second example, GetHDSerialNumber, shows how to obtain this ID. From my experience, this approach is the best one and the most reliable for generating a unique machine based hardware ID.

See also this article.

Michael Haephrati
  • 3,660
  • 1
  • 33
  • 56
1

Like others have said, it is really hard to do this reliably. You CAN use things like hardware dongles or licensing software to try to restrict use. For anyone sufficiently motivated this is a speed bump, not much more.

Another aspect of this is that the more secure you try to make it, the higher the risk that it'll be too restrictive. That is, it might end up accidentally blocking legitimate use, which is a really bad thing to do if you want to keep users happy.

Mattias Nilsson
  • 3,639
  • 1
  • 22
  • 29
0

This was tried many, many times when the PCs became popular. Each time a dismal failure. It even interferes with rights the law grants the user (keep backup copies). It also turned out that the hassle for the user was enough for many of them to just don't use the "copy protected" programs.

Today this is done successfully by the various gaming consoles, but there the provider of the console has a very tight control over the machine and the software. By force, those can't be used as regular computing platforms by the user, they are single-purpose. No wide range of software available.

The only ones to pull of this feat on regular machines have been expensive programs like Mathlab or Autocad, mostly through some sort of "license server" under tight control of the network administrator, tied to the specific server on which it runs by some long-winded procedure. And even so, it isn't too hard to get pirated ("unlocked") copies.

vonbrand
  • 11,412
  • 8
  • 32
  • 52
  • What i want to do is not a important thing, the guys who are going to use my program have no ideea how to hack my program or bypass any security.. they can only want to give the programs to other persons – Boldijar Paul Mar 05 '14 at 10:49
  • @Paul, the "other persons" can know about this stuff, or know somebody, or Google, ... You can *never* assume the adversary is completely ignorant, much less this day and age. Besides, in my experience, if you treat your users as criminals, they become criminals. – vonbrand Mar 05 '14 at 11:30