6

Possible Duplicate:
How are Software License Keys generated?

I am a beginner in software developement and I would like to know how to implement a protection system on my Java app to protect it against piracy. I know that there's no perfect solution. But i just want to know how protect it. And don't tell me to make it open source,it's impossible in my case :).

Thanks for your time and answers.

Community
  • 1
  • 1
Zak001
  • 193
  • 4
  • 8
  • 1
    Your java code is compiled, so its source is protected, if you want to protect copied versions of it, there's a similar question here http://stackoverflow.com/questions/3647255/how-do-i-copy-protect-my-java-application – Carlos Quijano Dec 22 '11 at 23:49
  • @CarlosQuijano Thought the java code gets compiled but it's still possible to decompile with free softwares availabel over internet and a even a beginner can see what password has you set for your DB connection or what is your actual code etc. – Airy Sep 27 '14 at 09:45

2 Answers2

8

As any license enforcement solution can be cracked with a bit of effort, I suggest you don't try to implement copy-protection at all. License management is just inconvenient for your users.

If you are determined to implement copy-protection, you can use an open-source library.

Additionally, you should obfuscate your byte code to make it slightly more difficult to reverse-engineer your application.

AAEM
  • 1,837
  • 2
  • 18
  • 26
Niklas B.
  • 92,950
  • 18
  • 194
  • 224
  • That's only "significantly more difficult" in a relative sense. Someone with the relevant skills can still probably disable an obfuscated license management hook in a few hours, if not quicker. – Stephen C Dec 23 '11 at 01:24
  • @StephanC: Of course, but it would be a few minutes otherwise :) – Niklas B. Dec 23 '11 at 10:27
1

I considered this some years ago. Eventually I decided not to license it; I gave it away for free but I think my best idea was:

Send them a license file containing a key. Name the file with their full name and e-mail address or something equally personal and make sure renaming it will invalidate the key. This should be simple to achieve. There are many techniques you could use that would not require storing the key in your application.

Like any system, this is not uncrackable but as was explained to me many years ago, security is for keeping honest people honest.

OldCurmudgeon
  • 64,482
  • 16
  • 119
  • 213
  • yeah, I know that there are no perfect solution. – Zak001 Dec 23 '11 at 00:10
  • 2
    Since you shared your idea with me, I will tell you about mine: 1) I'll create a hash for each version. 2) before installation the application will calculate it's own hash and send it to a server wich will check if the (hash,version) is correct. If it's not, the installation will stop and the server will send me an email with some details (IP address, MAC address and the date). 3) Now if the hash is ok, the licence verification will be launched. If the licence is ok the installation will begin. All of this stuff is going to be crypted. I know, it's not enough. – Zak001 Dec 23 '11 at 00:18
  • 1
    @Zak001 - that might take a few hours to workaround. But once the workaround has been done, a hacked installer would simply skip the step of checking with the server and use a previously fetched key to do the decryption. (Even creating new keys / hashes for each download won't prevent that ...) – Stephen C Dec 23 '11 at 01:30
  • @Zak - You are assuming an online connection at time of install?? My main aim is to ensure that anyone can give away their key to anyone else if they wish but if they are also giving away an e-mail address (you could use heir home address too if you wish) then they will think twice. – OldCurmudgeon Dec 23 '11 at 02:02