i am making a business application and i cant afford other activation software to protect my software from being pirated. I am looking for some place to save my activation, trial and licence data in user's computer. I think that if i use compact editions of sql server and give password to it, it will be impossible for any other hacker or cracker to modify activation data and pirate my software? Is this safe or i shoul go for anyother option?
Asked
Active
Viewed 279 times
1 Answers
0
First, you must realize that making it 'impossible' to crack has been tried and tried again by the largest corporations and most sophisticated products- and it has always failed.
Having said that, you can make progress towards encouraging your customers to purchase a license by using a password protected encrypted database, password alone is not enough.
Also, what do you plan on using for your password? Is it going to be hardcoded? Will you salt a hardcoded pwd with something unique to the system its running on? Will that be good enough, I'm assuming if thats all you do breaking it would be fairly trivial- disassemble your code and find the hardcoded password, and figure out how you compute the system unique value.
Please take a look at this other similar SO Question and its answers- some are quite good.
Community
- 1
- 1
Abdul Hfuda
- 1,463
- 12
- 25
-
thank you for your reply i understand that i should not have used word impossible . but i am just asking that if i use password protected sql compact database to save licence information instead of registy or anyother location. is it ok? is it safe? can anyone crack the password of sql compact database to change the licence data? – hit_sh Feb 18 '12 at 09:41
-
It is cryptographically safe yes- it is AES128 - all known attacks are computationally infeasible. http://en.wikipedia.org/wiki/SQL_Server_Compact http://en.wikipedia.org/wiki/Advanced_Encryption_Standard – Abdul Hfuda Feb 19 '12 at 07:19
-
Thanks for reply. i have another question . pls help me out with this. now i know that its impossible to crack the security of .sdf fie but by searching google i have came to know that. its big challange to keep .sdf password secret. how is it possible? . My password will be in C# file and i will deliver .exe to my customer not source code. There is no way to get source code from .exe. is there any way to get source code from exe? is yes then how do i keep my password safe? – hit_sh Feb 19 '12 at 11:18
-
Even if its a compiled exe, it can be disassembled and the password can be fetched. If there is no user input you can base the password on (like a user password) then you are going to have a hard time hiding that password from a malicious party that is interested in it. The most secure place to store a password is in a human mind. – Abdul Hfuda Feb 19 '12 at 22:25
-
Even if its a compiled exe, it can be disassembled and the password can be fetched. If there is no user input you can base the password on (like a user password) then you are going to have a hard time hiding that password from a malicious party that is interested in it. The most secure place to store a password is in a human mind. Failing that, take a look at the Windows Certificate Store http://technet.microsoft.com/en-us/library/cc757138(v=ws.10).aspx – Abdul Hfuda Feb 19 '12 at 22:32