none
Stopping Piracy on Desktop Application RRS feed

  • Question

  • Hello All,

    I have a C# desktop application that will be sold to customers. How can i stop PIRACY and what can be the best solution ??

     

    I can also go with a Web solution as i have a website too (We can ask Users for activation through web first time but still the question is same HOW ?).

     - I looked for the Serial Key method but it cannot stop piracy.

     

    Kindly, help me.

    Regards,

    Behroz Sikander

    Tuesday, April 19, 2011 3:04 PM

Answers

  • Hi Rogerz1234567,

    The way to stop piracy

    Piracy should be stopped, there is no question about that, but best way to do that is to embrace the online world. I don't mean you have to give something away for free, but you do have to remove the many limits that have nothing to do with your product.

    Allow people to use your products the way that they want to use it, when they want to use it, and where they want to use it.

    Give people a way to enjoy your product without having to feel unjustified and without forcing people into finding "another way".

    This is not just about the movie and music industries. This is about any industry, including when you are making web applications.

    It is one thing to decide which platforms, and channels you want to support. That is often a wise strategy. But it is different thing when you are actively trying to prevent all other channels. That is not a wise decision.

    Like when Facebook tries to decide what you may, or may not do, with your own content. Or when Apple is deciding what kind of applications you may, and may not, install your iPhone.

    Apple made a wise choice when they created a number of criteria's for which applications that they are going to support via the App Store. But they made a bad decision when they also decided to block all other applications, even those distributed via non-apple channels.

    People will turn to piracy when you are trying to force them into working a certain way, buying your product through complicated channels, or deciding when or where they can use it.

    Most people do not turn to piracy because of the price of your product (unless it is incredibly expensive), people turn to piracy because it is too hard, too complicated - or even outright impossible - to use it the right way.

    Fight the real pirates, the ones who steal because they want to steal. Don't fight ordinary people, who simply turn to piracy because you make it too hard for them to use your product.

    7 Ways to Prevent Piracy

    [1] Copy protection system

    [2] Separate demo and full version

    [3] Online game features or online registration

    [4] Give discounts or lower the product price

    [5] Give your product for free

    [6] Don’t give away your software source code

    [7] If your product ends up to some warez site, take legal actions

     

    You also can read this article:

    http://www.howtodothings.com/business/how-to-prevent-software-piracy

     

    Or choose http://www.smartsoftkey.com/products/antipiracy.html

     

    Best wishes,


    Mike [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Monday, April 25, 2011 12:32 PM
    Moderator
  • Hello,

    The only real way to stop piracy is to first have them agree to T&C's that state the software is licensed to run on only 1 PC.

    From there, have them register locally on their machine. To complete registration, capture unique hardware ids and store them in your db. i.e. MAC address, drive letters, etc...

    Each time the program starts, query your db and match the criteria. If there's a match, run the app. If not, give them pop-up stating, "Your hardware has changed or this software is not running on the registered PC. Please contact support."

    Adam


    Ctrl+Z
    Tuesday, April 19, 2011 3:21 PM
  • One way I have been toying with is to build an installer that is pulled down from your website. This could be a very small executeable that does this:

    1. Uses DPAPI to encrypt some data. Anything will do, like a string: "registered user". This is old but I don't think it has changed much, DPAPI has been around a while (http://msdn.microsoft.com/en-us/library/ff649246.aspx). The key to using this is that you can choose to encrypt data that is ONLY decryptable on THAT machine.

    2. The installer sends the encrypted data to your web service where it is compliled directly into an assembly with MS Build.

    3. An msi installer is generated by your webservice that includes the assembly you just built.

    4. The installer pulls down the msi and begins really installing your application.

    5. On startup of your application try to decrypt that string. If it fails, then it is not the PC that that downloaded it.

     


    Bob - www.crowcoder.com
    Tuesday, April 19, 2011 6:07 PM
  • My solution is not without complexity, but anti-piracy is a difficult solution. Maybe you want to leave it to the pros and purchase a service like:

    http://www.infralution.com/licensing.html


    Bob - www.crowcoder.com
    Wednesday, April 20, 2011 7:35 PM

All replies

  • Hello,

    The only real way to stop piracy is to first have them agree to T&C's that state the software is licensed to run on only 1 PC.

    From there, have them register locally on their machine. To complete registration, capture unique hardware ids and store them in your db. i.e. MAC address, drive letters, etc...

    Each time the program starts, query your db and match the criteria. If there's a match, run the app. If not, give them pop-up stating, "Your hardware has changed or this software is not running on the registered PC. Please contact support."

    Adam


    Ctrl+Z
    Tuesday, April 19, 2011 3:21 PM
  • One way I have been toying with is to build an installer that is pulled down from your website. This could be a very small executeable that does this:

    1. Uses DPAPI to encrypt some data. Anything will do, like a string: "registered user". This is old but I don't think it has changed much, DPAPI has been around a while (http://msdn.microsoft.com/en-us/library/ff649246.aspx). The key to using this is that you can choose to encrypt data that is ONLY decryptable on THAT machine.

    2. The installer sends the encrypted data to your web service where it is compliled directly into an assembly with MS Build.

    3. An msi installer is generated by your webservice that includes the assembly you just built.

    4. The installer pulls down the msi and begins really installing your application.

    5. On startup of your application try to decrypt that string. If it fails, then it is not the PC that that downloaded it.

     


    Bob - www.crowcoder.com
    Tuesday, April 19, 2011 6:07 PM
  • Hello Adam,

    This seems to be a solution.

    >>From there, have them register locally on their machine. To complete registration, capture unique hardware ids and store them in your db. i.e. MAC address, drive letters, etc..

    - You mean that first time they register themselve and i get there MAC and store in my DB online. By this way i will have to assign a unique ID to each software(somehow. i dont know how to do that now :) ) and capture there MAC and and store the MAC against that unique ID in my Database.

     

    I dont see any thing wrong here. If you find anything wrong in this then please guide me.

     

    Regards,

    Behroz Sikander

    Wednesday, April 20, 2011 7:26 PM
  • Hello Molku,

    Well, you solution seems to be quite complicated and i am relatively new to C#. I will read your link. Thanks :)

    Wednesday, April 20, 2011 7:27 PM
  • Btw i was thinking that MICROSOFT WINDOWS is pirated heavily and how can my solution be safe/piracy free ? I am just asking in curiosity. 
    Wednesday, April 20, 2011 7:29 PM
  • My solution is not without complexity, but anti-piracy is a difficult solution. Maybe you want to leave it to the pros and purchase a service like:

    http://www.infralution.com/licensing.html


    Bob - www.crowcoder.com
    Wednesday, April 20, 2011 7:35 PM
  • Rogerz,

    Be aware as this is to complicated for you, your software is still not worth to have an anti piracy feature in is.

    These features are complex and costly. I'm hopefully you don't want to register code as your property which you simply did grasp here or from other forums.

    We gave that for free, not to let you misuse that.

     


    Success
    Cor
    Thursday, April 21, 2011 7:39 AM
  • Hi Rogerz1234567,

    The way to stop piracy

    Piracy should be stopped, there is no question about that, but best way to do that is to embrace the online world. I don't mean you have to give something away for free, but you do have to remove the many limits that have nothing to do with your product.

    Allow people to use your products the way that they want to use it, when they want to use it, and where they want to use it.

    Give people a way to enjoy your product without having to feel unjustified and without forcing people into finding "another way".

    This is not just about the movie and music industries. This is about any industry, including when you are making web applications.

    It is one thing to decide which platforms, and channels you want to support. That is often a wise strategy. But it is different thing when you are actively trying to prevent all other channels. That is not a wise decision.

    Like when Facebook tries to decide what you may, or may not do, with your own content. Or when Apple is deciding what kind of applications you may, and may not, install your iPhone.

    Apple made a wise choice when they created a number of criteria's for which applications that they are going to support via the App Store. But they made a bad decision when they also decided to block all other applications, even those distributed via non-apple channels.

    People will turn to piracy when you are trying to force them into working a certain way, buying your product through complicated channels, or deciding when or where they can use it.

    Most people do not turn to piracy because of the price of your product (unless it is incredibly expensive), people turn to piracy because it is too hard, too complicated - or even outright impossible - to use it the right way.

    Fight the real pirates, the ones who steal because they want to steal. Don't fight ordinary people, who simply turn to piracy because you make it too hard for them to use your product.

    7 Ways to Prevent Piracy

    [1] Copy protection system

    [2] Separate demo and full version

    [3] Online game features or online registration

    [4] Give discounts or lower the product price

    [5] Give your product for free

    [6] Don’t give away your software source code

    [7] If your product ends up to some warez site, take legal actions

     

    You also can read this article:

    http://www.howtodothings.com/business/how-to-prevent-software-piracy

     

    Or choose http://www.smartsoftkey.com/products/antipiracy.html

     

    Best wishes,


    Mike [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Monday, April 25, 2011 12:32 PM
    Moderator
  • There are several  products out there that specialize in software copy protection. We evaluated a few and opted for Quick License Manager from Soraco Technologies @ www.soraco.co. So far, we are happy with our choice.
    rmarma
    Monday, June 13, 2011 12:18 PM
  • The big problem about c# is that code is easily decompiled (this is a big issue), so some cracker can easily strip licensing off.
    I thought once how to solve this, and came into something like:
    Create millions of copies of your code, mutate each part of the code so algorithmically it would be incorrect, scramble them out, DO NOT keep the deck (how you scrambled it) into the executable . And them compile it altogether.
    So the deck is your key (it can be really big, like a license file)
    You can increment this by encrypting, hashing, etc.

    With this you can merge more than one program into one executable, with different keys it will link the functions differently behaving differently.

    Even though with some effort a cracker would still be able to rebuild and strip off useless parts having the executable and the key.

    Publishing your software as a "Software as a service" leads you into another dillema: html and javascript have to be sent to the client, with some reverse engineering someone would just recreate the server logic (e.g. Bizzard's WOW private servers).

    Another idea is creating a owner id for each legit buyer , and then using  criptography you would generate many "equivalent id's" using private key secrects, and spread it through the executable. Finding a cracked copy you can then trackback (using criptographic ids) who was the one who cracked your program. Event it is not a reffutable proof, it's the "best approximation" of "who would I sue". You cannot just believe that crackers are lazy, so they would not bother tracking "useless" parts of code.
    Thursday, January 16, 2020 12:22 AM