Serial No. Generator

[Phillip Flores]

Hi,

Is there a tool out there that will allow me to a create/generate serial
number which I can then embed in an application that I am deploying? I
do not want to store the serial number in the registry or in a hidden
file, I want to include it in the executable. I do not want to recompile
the program with a new serial number everytime the app is deployed.

TIA.

--
Cheers,

Phillip Flores
+-----------------------------------------------+
| "Where did your time go today? Get VeriTime!" |
| http://www.pcfworks.com" |
| "The Delphi Catalog" |
| http://www.delphicatalog.com |
+-----------------------------------------------+

[M Lumbrer]

Hi,
I was facing the same problem.
You can get the volume of the disk, and the serial number
of the current windows installed looking at the registry, scramble it
and you get a serial number.
Of course, if the user reinstall or reformat the disk, the serial number
can change
Its a 'cheap' solution.
Bye
Mauricio

Phillip Flores <pfl...@zip.com.au> escribió en el mensaje de noticias
3AFB5923...@zip.com.au...

[FinalFiler]

G'day Phillip,

Don't know if this is what you mean, but I've been very pleased with
1Way.dll.

See http://www.atma-software.com/

Pierre

"Phillip Flores" <pfl...@zip.com.au> wrote in message
news:3AFB5923...@zip.com.au...

[Father - Mike Johnson]

When Delphi 1 was out I remember a flurry of activity over "compiling in
version information".. that would be updated when you compiled, also you can
update resources. I would include a fixed width resource string, then write
a program to patch the serial number into the program itself... I guess you
could hash the serialnumber to give it a modicum of protection.

Mike

Phillip Flores <pfl...@zip.com.au> wrote in message
news:3AFB5923...@zip.com.au...

[Gordon Hamm]

I think what would be best is if an application could write to its own exe
file while running. Thats not posible is it? I dont think so.. That would be
a great place to hide info etc.

--
Gordon Hamm
Voice Data Systems Inc.
360-686-8315

"Father - Mike Johnson" <fath...@bigattichouse.spam.com> wrote in message
news:3afbe7b0_1@dnews...

[Luke Miller]

You might want to take a look at Turbopower's (www.turbopower.com)
OnGuard. The manual is not the greatest but it gives you a great amount
of flexibility. We use it in our products and have been very happy with
it.

Luke Miller
lmi...@rescorsoft.com

[Peck]

> You might want to take a look at Turbopower's (www.turbopower.com)
> OnGuard. The manual is not the greatest but it gives you a great amount
> of flexibility. We use it in our products and have been very happy with
> it.

I beg to differ. Now that I sold off OnGuard, I can speak freely about it.

You can download the my program/ components and get the unlock codes
from any warez sites.

For the newer version of my programs/ components, I am using a
different copy protection VCL instead. I use real cryptography
instead. (1/2 price TurboPower's OnGuard price)

I had to fill in all the forms and submit them to the USA DoD to get
clearance to export non-encrpyting crypto to Singapore.

HTH
-- Peck.

[Lars Rosenberg]

I use pseudo random numbers, the number on the dard drive and more. This
makes is very hard to crack. A cracker must use at least two computers debud
through recursive random functions.

Do not check the whole part of the serial number. Check different parts of
the serial number in different versioins. Then if some one crakcs a serial
number then it probably wont work in the next version.

But remember the first rule. No cryptation is.

Lars.

[Sundial Services]

Burglars breaking into computer programs generally do not analyze the
locks, nor brute-force them; they remove them altogether. Study the
cracking (warez) news groups for considerable enlightenment about how
they approach their work, and how easily they succeed in most cases.

A serial-number is an important enabler of legitimate commerce. (It
gives the purchaser something to buy.) But it is -not- in my opinion a
defense against crackers. As my friend said [of his thousand-dollar
12-string guitar which he kept in a cardboard case secured with a flimsy
lock] "it keeps the honest people out."

>Lars Rosenberg wrote:
>
> I use pseudo random numbers, the number on the dard drive and more. This
> makes is very hard to crack. A cracker must use at least two computers debud
> through recursive random functions.
>
> Do not check the whole part of the serial number. Check different parts of
> the serial number in different versioins. Then if some one crakcs a serial
> number then it probably wont work in the next version.
>
> But remember the first rule. No cryptation is.

------------------------------------------------------------------
Sundial Services :: Scottsdale, AZ (USA) :: (480) 946-8259
mailto:in...@sundialservices.com (PGP public key available.)
> Fast(!), automatic table-repair with two clicks of the mouse!
> ChimneySweep(R): "Click click, it's fixed!" {tm}
> http://www.sundialservices.com/products/chimneysweep

[Lars Rosenberg]

>
> A serial-number is an important enabler of legitimate commerce. (It
> gives the purchaser something to buy.) But it is -not- in my opinion a
> defense against crackers. As my friend said [of his thousand-dollar
> 12-string guitar which he kept in a cardboard case secured with a flimsy
> lock] "it keeps the honest people out."

Not to mention a car. As we say in Sweden "Locks are for honest people".

You can make a registration over the net and checks via CGI scripts that
ensure only one user uses the serial number. For example: In a file on a
server store records of serial number, drivenb, nb [, email [, name [,
etc]]]. When the check program oon the server finds a serial number with
lots of driveNb it is probably a cracked version. Then crash the programs
for every user except the first.

And mmost important of all. Have different executables, DLL's, OCX's for
shareware/demo and registered version.

When my customer registers the get a new executable.

If possible use adware. Who hacks a freeware program just to get ridd of the
adware.

[Lars Rosenberg]

What if the keys in the registery never have the same name and never the
same numbers for different installs?

[Eivind Bakkestuen]

> I beg to differ. Now that I sold off OnGuard, I can speak freely about it.
>
> You can download the my program/ components and get the unlock codes
> from any warez sites.

Yes, I'm sure one can, but that goes for _any_ program "worth" stealing
these days, not just those protected by OnGuard.

> For the newer version of my programs/ components, I am using a
> different copy protection VCL instead. I use real cryptography
> instead. (1/2 price TurboPower's OnGuard price)

How does the new protection scheme you have selected work better than
OnGuard?

regards,
Eivind

[Sundial Services]

Interesting. I would find a program that -had- to connect to the
Internet (in order to be installed) too difficult to use and would
probably return it.

About a year ago, we stopped providing "demos" at all for
ChimneySweep.® There is simply no effective way to "limit" it without
hobbling it, I think, too much. Furthermore, some people legitimately
only -want- to use it once. So we sell what we call a "rental license,"
which is a time-limited but fully-functional license code, and apply
this nominal purchase-price toward the purchase of a time-unlimited code
within 30 days. The important thing is that we =sell= it. We make it
clear also that it is a "final sale."

There was a time when we had a time-and-feature-limited demo mode .. and
we ran a pre-download survey for a while. We quickly accumulated over
800 surveys. A certain percentage corresponded to purchases, but it
turns out that it wasn't a source of qualified leads. Quite a few
people downloaded but "never got around to installing it" and so-on.
Finally it hit someone, "you know, all we really know about these 800
surveys is that .. we have EIGHT HUNDRED of them." (Talk about a real
"<slap!> Doh!!" experience!)

When people purchase the rental-license, they immediately use the
product and a fairly consistent percentage of them (which I shan't
disclose) purchase a full license within a consistent period of time.
The product doesn't sit on a hard-drive waiting to be "looked at
someday."

Now, this is what works for -our- product but that's not to say that it
works for every type of product. And there are arguments for and
against (Lord knows we've had them!) what WE do.

>Lars Rosenberg wrote:
>
> >
> > A serial-number is an important enabler of legitimate commerce. (It
> > gives the purchaser something to buy.) But it is -not- in my opinion a
> > defense against crackers. As my friend said [of his thousand-dollar
> > 12-string guitar which he kept in a cardboard case secured with a flimsy
> > lock] "it keeps the honest people out."
>
> Not to mention a car. As we say in Sweden "Locks are for honest people".
>
> You can make a registration over the net and checks via CGI scripts that
> ensure only one user uses the serial number. For example: In a file on a
> server store records of serial number, drivenb, nb [, email [, name [,
> etc]]]. When the check program oon the server finds a serial number with
> lots of driveNb it is probably a cracked version. Then crash the programs
> for every user except the first.
>
> And mmost important of all. Have different executables, DLL's, OCX's for
> shareware/demo and registered version.
>
> When my customer registers the get a new executable.
>
> If possible use adware. Who hacks a freeware program just to get ridd of the
> adware.

[Sundial Services]

One of the toughest things in the world is to see a legitimate
unlock-code published on a Warez site .. but you can't send a legitimate
code to anyone anywhere without knowing that a percentage of those codes
will be published. (And you cannot legally prove who did it, even if
they are in your country.) Unlock-codes, like credit card numbers, can
be generated, forged, stolen ...

A cryptography-based system is broken simply by purchasing or acquiring
a legitimate code (e.g. through the means mentioned above), analyzing
the portion of the code which applies the encryption, and using the key
obtained to decrypt the remainder. Now you have a decrypted version
which you disarm in the traditional way.

Get the picture? You AIN'T GONNA STOP 'EM. But warez won't stop you
from selling, because there are still people ... there are plenty of
them ... who want nothing to do with stolen merchandise of any
description. There are still people who realize that "it's wrong" and
that it's also self-defeating.

Want it clearer? The REVENUE from ChimneySweepŽ is what PAYS FOR
ChimneySweep, and if you like ChimneySweep and want to see Version 4 and
5 and what-have-you then ... "cough up your tiny share." Fortunately,
thousands of people did, and do. Which is =why= the lights are on
(hint: we don't live in California ;-)) and we're busy-beavers.

EVERYONE who is employed in the computer business, whether they realize
it or not, is ALSO wholly dependent upon SALES of what they or their
company produces. You can't stop theft (SensorMaticŽ makes a good living
helping retailers try to reduce what they call "shrink"), but even then,
"if you like to buy good things from conveniently-located and
well-stocked stores, you'd better BUY them."

Most people, of course, know that. I call 'em "customers."

[Lars Rosenberg]

I have used adware instead of demos so far. What's the use of cracking a
program that has no limitiation. For every installed program I get an
average of US$ 0.06 to US$ 0.12. I have an average of 2000 downloads a day
that results in 1000 new installes. I get paid for every ad the user click.

The problem for me now is that the license for an mp3 encoder is US$ 10 per
unit and an annual minimum of US$ 5,000. I will make two encoder one limited
demo and one licensed product. My problem is not the limited demo. For the
demo version I know fairly well how to protect it against crackers. I know
some old crackers and how they think. The problem is the registered one and
how to make it impossible to redistribute an install file. The registration
via the homepage gors in the background. The user never see this. Hee see
that something is if he uses redistributed program.

--
Lars

[Lars Rosenberg]

I have said it before and say it again.

If you have problem with cracks try using adware. What's the key of cracking
a version that is free? Commercial TV that lives on advertising doesn't have
any problems with illegal decoders. I have been able to live on the income
from my adware programs. January to April they have generated US$ 17,000 on
100,000 installs. Which shareware generates US$ 17,000 for 100,000 installs
(200,000 downloads) if the program costs US$ 25. Note the distributor takes
US$ 3.5 of the US$ 25.

Lars

> > How does the new protection scheme you have selected work better than
> > OnGuard?
>

> You're a TurboPower TPX guy. You should know the answer.
>
> Hint: The answer is the same as using the RSA and digital signatures
> in Lockbox for non-encrypting purposes.
>
> I have replied; but I will not answer your question.
>
> --
> Peck Kim Han
> HelpMaker Help Authoring Tool
> http://www.helpmaker.net/
>
>

[JustSoft]

Hi Phillip

Take a look at JustData, this application creates data for almost
any environment.

On Fri, 11 May 2001 13:14:43 +1000, Phillip Flores <pfl...@zip.com.au> wrote:

>Hi,
>
>Is there a tool out there that will allow me to a create/generate serial
>number which I can then embed in an application that I am deploying? I
>do not want to store the serial number in the registry or in a hidden
>file, I want to include it in the executable. I do not want to recompile
>the program with a new serial number everytime the app is deployed.
>
>TIA.

From Darryl Impey - JustSoft P/L, Australia
JustData Enterprise V2.2 Data Tools
Download trial from http://www.justsoft.com.au/
Import, export & create db data, SQL Server, Oracle, ADO, ADT, SQL, XML, CSV, TXT and much more
mailto:mail [ at ] justsoft dot com dot au

[Luke Miller]

Would you share whose VCL you are using? If there are ways to make my
app more secure, then I am definitely interested. Thanks in advance.

Luke

[Eivind Bakkestuen]

"Peck" <nos...@nospam.com> wrote in message news:3aff168d$1_2@dnews...

> > How does the new protection scheme you have selected work better than
> > OnGuard?
>

> You're a TurboPower TPX guy. You should know the answer.

I'm afraid that I've yet to reach the "all-knowing" state. Besides, I'm not
currently using OnGuard or LockBox, or participating in the related TP
newsgroups.

> I have replied; but I will not answer your question.

Hm, I see I may have framed the question badly. I meant to ask something
like: How does the new protection scheme better protect your investment?
Foreseeing the need for such libraries, I'm gathering relevant info, as I'm
well aware that the Delphi component market consists of more than one
player. I was hoping for something more than unsubstantial rumours, that's
all.

--

Eivind

[Michael D. Collins - [CDS]]

Personally I like OnGuard for simple software protection.
There is virtually nothing out there that cannot be broken.
But for a more difficult to break copy protection you may want to
try SLockPK http://www.crypto-central.com/slock/index.html .

Michael D. Collins

[Peck]

Replied in private.
Case closed.

-- Peck

[Peck]

Replied in private.
Case closed.

-- Peck.

[Eivind Bakkestuen]

Next time, please keep your rantings out of my mailbox. Thank you.

Oh btw, I found it quite enlightening to peek inside the .exe files you
produce. What are those references to stuff seemingly named after TurboPower
products?

--

Eivind

"Peck" <nos...@nospam.com> wrote in message news:3b053e27_2@dnews...