4

I need to create a simple application that doesn't work after 30 days.

How can I do that ?

Is there a way to use Trial program after 30 days ?

Renjith G
  • 4,718
  • 14
  • 42
  • 56
xRobot
  • 25,579
  • 69
  • 184
  • 304
  • I'd use virtualbox instead. ;-) – Kris Mar 20 '10 at 00:44
  • wine doesn't work for all programs ;) – xRobot Mar 20 '10 at 00:46
  • Hmm, did you look on sourceforge? There might be some free, tried & tested solution that you can just link to. But, as stated above, everything can be cracked. All that you can do is make it difficult & slow down the rate of cracking. – Mawg says reinstate Monica Feb 04 '11 at 02:50
  • Probably the only way reliably to do this is to make your program in some way dependent on a Web service - and then ensure that the Web service is only available to the subscriber for 30 days, or at least require the subscriber to take some action to extend the trial period. Personally I think the better model is to have the trial version lack some kind of "enterprise feature" or "support contract" or something along these lines that you get in the full version. – Brandin Mar 01 '14 at 12:11

6 Answers6

14

There is always a way to use a trial program after 30 days.

Tuomas Pelkonen
  • 7,783
  • 2
  • 31
  • 32
  • If there is always a way then why adobe and other software house create Trial version of their programs ? – xRobot Mar 20 '10 at 00:28
  • 1
    There are many reasons for that, but the bad guys will always get around the 30 day limit if they want. It gives the chance for normal users to try the software before investing in it, 'free' marketing for the company, PR issues, etc. – Tuomas Pelkonen Mar 20 '10 at 00:29
  • 1
    More or less true, and trial software is usually rather annoying (I usually get to test stuff for 10 minutes over those 30 days). But it can be done reasonably reliably. But you'll never be able to lock it tighter than a single clever hacker can pry open. so upvote for truth – Kris Mar 20 '10 at 00:33
13

If by "best" you mean least breakable, then there is really only one way: make it an Internet-based "software as a service" application. If you don't provide access, they're not using the software. If it is a desktop-based application, then some key piece of functionality would still have to be on an online server somewhere.

If the hacker has the entire application on their local machine, it can be reverse engineered and "cracked" in some fashion. The only way to overcome this is to assure that some part of the functionality is never on their machine.

Robert Cartaino
  • 27,494
  • 6
  • 45
  • 67
  • 3
    I *HATE* web applications, but basically they are the solution to this problem. Not sure if it's a problem, though. People that use the software professionally, will usually pay for it even without any kind of software protection (look at Oracle and IBM...), and people that pirate it, would not have bought it anyway, while if they pirate it you get visibility and people will learn your software. – Aram Hăvărneanu Mar 20 '10 at 00:39
7

I think a better solution is a feature-limited application -- say you can do basic operations but to take advantage of the best features you have to get a paid license. This does two things -- assuming your app is well-done and interesting to a variety of users. First, you can get a larger number of people to try your app. Second you can get some good will by releasing your "lite" version free.

If you really need to do a time-limited trial, then I would consider having it write an encrypted key to the registry (windows) or a dot-file (linux). This key could encode the expiration date. Using reversible encryption allows you to get this value back out. Using a secret key helps protect against someone generating their own (valid) key. The fully licensed app could use the same key mechanism but encrypting a key value that allows permanent usage.

tvanfosson
  • 524,688
  • 99
  • 697
  • 795
  • +1 for not only stating the obvious but also providing a viable alternative – Daniel Sloof Mar 20 '10 at 00:43
  • Maybe ... Build two versions. But make sure the full version has an encrypted data to identify who bought it, because it *will* still get into the wild. You can't stop it then, but can blame someone. I would also recommend that the program visit your website for permission to run. – Mawg says reinstate Monica Mar 20 '10 at 01:13
  • The "permanent" key should also encode something unique to the license. I'm against requiring web access if it's a desktop app -- crippling your app just because it can't access your web site is obnoxious. – tvanfosson Mar 20 '10 at 01:38
  • Apart from the encrypted key in a file option suggested above by tvanfosson, are there any other ways to implement the trial checks, without involving the registry or anything that incurs admin access privileges to the installer? Also, not using the web based checks or disabling some premium features. For the encrypted key in a file option, are there any best practices or some detailed pointers on the web? –  Feb 04 '11 at 02:50
6

From my answer to implementing-expiration-dates-in-an-application/1871218#1871218:

Probably the most user friendly to do this is to keep track of the number of days a user has used your software. For example, each time your program starts up you could write a date to an encrypted file (unless the date already exists in the file). Then once there are more than, say, 30 dates in the file, let the user know it is time to buy the full version.

Real products such as Beyond Compare use this scheme - great for potential customers that install your product and don't use it for 30 days only to find that the trial has expired.

Also keep in mind that your scheme does not have to be perfect, just make it strong enough that it will not be convenient for users to break it.

Community
  • 1
  • 1
Justin Ethier
  • 131,333
  • 52
  • 229
  • 284
  • +1 Simply for the fact that I was commenting today to a colleague that the BeyondCompare trial period (I own a license myself) is one of the most reasonable, intelligent ways I've seen it implemented. I am usually the guy who installs a trial & then gets pointed in a different direction, only to come back weeks later & find the unused "trial" version expired. – Dan Feb 05 '11 at 00:02
3

Have the program request a key from your server on first run and check its validity every time the program starts and every 24 hours.

Kris
  • 40,604
  • 9
  • 72
  • 101
1

Another option is to have a server-side compiler when you download the application. This can "inject" a license key into the binary. You can do this using a constant in a seperate file. This can then be linked with the other pre-comiled files. This method is slower but harder to crack as the hacker would need to decompile the program.

Maz
  • 3,375
  • 1
  • 22
  • 27
  • 1
    Most cracking is done with a deocmpiler -- usually running under a hardware-level debugger on a VM. Remember, kids, to protect your software you first need to know how to break it. – Robert Fraser Mar 20 '10 at 00:54