Re: License Enforcement
From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 07/16/03
- Next message: JB: "FA: CISSP Exam Textbooks - SRV Volume 2 Practice"
- Previous message: mto: "Re: ZA 4's email attachment option"
- In reply to: Spam Bait: "License Enforcement"
- Next in thread: Leythos: "Re: License Enforcement"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 15 Jul 2003 23:04:05 GMT
Spam Bait <spambait@federal.gov.au> writes:
]Hi all.
]We've been asked by a client to develop a method of license enforcement
]for some software they've developed and intend to sell. Their software
]is an Access app ( yeah I know ... not particularly secure, but they are
]the customer ) but we intend to build some OCX objects, maybe in Perl,
]and re-use parts of it in later projects in Linux.
]I'm currently researching our alternatives. I have NO experience in
]this, so if I say something stoopid, go easy OK?
]I've already checked out some commercial implementations - none of which
]are cross-platform - which isn't necessary but is a big one of our
]wish-list, so I'm now looking at the option of doing it in-house.
]I've pretty much decided to use a product-activation scenario, where an
]installation ID is made from a combination of hardware IDs and some
]other stuff we can pull from the system. This will be encrypted and sent
]to the license provider ( eg via email / phone / something ) and an
]encrypted activation key will be created.
]Some issues with this system are:
]- hardware changes mean they have to re-register ... a possible solution
]is to only use the motherboard ID ( which isn't likely to change without
]a re-install anyway ), though this may not be unique enough.
]- users don't like product activation. I can see their point here...
]Any comments / suggestions? I have done a pretty extensive search of
]groups.google.com and found almost nothing on the topic.
a) Any activation procedure will make your customers your enemy. Not
only do youtak e their money but thenmake them jump through hoops to use
the damn stuff. suddenly a computer goes down and not only do they have
to pay for a new one and find those damn backups, but then the program
they need nolonger works and that manual with the license number got
lost in the fire as well. One of the most precious comodities a business
can have is its customer good will, and you have just blown it to hell.
b) Physical 'Activation'-- eg the cdrom must be in the drive to run
theprogram. Better, but then that cdrom gets chewed up by a dog, and
theprogram is useless. No backups possible. Would you trust your
business to this?
c) License server. Again how well do you handle corruption, and media
loss?
You are selling service. How much are you doing the equivalent of a car
manufacturer demanding that you take the car back to detroit, even if
you live in California, if something goes wrong? Your program willhave
bugs in it, which you expect the customer to accept instad of suing the
pants off you. Treat them with some of the same consideration and
respect you ask of them.
- Next message: JB: "FA: CISSP Exam Textbooks - SRV Volume 2 Practice"
- Previous message: mto: "Re: ZA 4's email attachment option"
- In reply to: Spam Bait: "License Enforcement"
- Next in thread: Leythos: "Re: License Enforcement"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
