实施软件许可机制

发布于 2024-07-21 10:19:24 字数 1435 浏览 4 评论 0原文

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(6

春庭雪 2024-07-28 10:19:25

您可以查看 Microsoft 的 SLP - 我没有使用过它,但它看起来确实很有趣(你知道,如果你对微软的东西感兴趣……)

有一点需要注意——没有任何许可机制可以保护你免受盗版,甚至大大减少盗版。 根据定义,许可机制将是客户端的——这本质上是脆弱的。 看看 DRM 发生的所有事情...

因此,您的指导方针应该是可用性 - 意图应该是将其用作一般策略,好人将轻松地局限于他们的用途应该被允许做,而坏人 - 好吧,坏人无论如何都会绕过你的意图,你最好的希望是让它更有效。

You can check out Microsoft's SLP - I haven't used it, but it definitely looks interesting (yknow, IF you're into MS stuff...)

One important point to note - no licensing mechanism will protect you from piracy, or even substantially reduce it. By definition, the licensing mechanism will be client-side - which is inherently breakable. Take a look at all what happened with DRM...

Your guideline should therefore be usability - the intent should be to use it as a general policy, the good guys will be comfortably limited to what they're supposed to be allowed to do, and the bad guys - well, the bad guys will get around your intent anyway, your best hope is to make it more work.

我家小可爱 2024-07-28 10:19:24

理想情况下,您需要独立于操作系统的东西。

我建议您将许可证保护嵌入到您的代码中,或者将您的应用程序包装在其中,以便在没有首先运行复制保护代码的情况下应用程序无法运行。

如果您的应用程序需要许可证密钥文件才能运行并且该文件不是在本地生成的,那就最好了。

实现此目的的一种方法是,您的应用程序在初始运行时根据硬件生成某种形式的图像代码。 这是提供给您的,作为回报,您提供允许代码运行的许可证密钥。 最好将硬件映像基于 CPU 和主板,因为它们变化最少。

你的应用程序。 每当运行时都应检查硬件映像和许可证密钥。

如果你想要你的应用程序。 许可证时间有限,那么它还应该跟踪它运行了多长时间并将其嵌入到许可证密钥文件中。

不要忘记加密许可证文件。

另外,不要忘记使用 dotfuscator 或类似工具使反向编译可执行文件变得更加困难。

Ideally you need something that is OS independent.

I would recommend that you embed the license protection within your code or wrap your application within it in such a way that it cannot be run without the copy protection code having run first.

It would be best if your application needs a license key file in order to operate and that this isn't generated locally.

One way of doing this is that your application generates some form of image code based upon the hardware on it's initial run. This is supplied to you and in return you supply the license key which will allow the code to run. Best to base the hardware image around CPU and motherboard as these will change the least often.

Your app. should check against hardware image and license key whenever it is run.

If you want your app. license time limited then it should also keep track of how long it has run and embed it within the license key file.

Don't forget to encrypt the license file.

Also don't forget to make it more difficult to reverse compile your executable by use of a dotfuscator or similar.

泪是无色的血 2024-07-28 10:19:24

首先,没有什么是防黑客的,所以我不会花太多时间来保护你的软件。

基于硬件 ID 的机制的缺点是,当用户购买新计算机或升级大部分计算机时,他也需要更新密钥。
HWHash 是一个非常好的 HardwareID 实现,但我想还有更多(免费)解决方案。
在工作中,我们使用 Hardlock 和 Hasp 密钥,但这些是 usbkey 解决方案,不是很好对于小型应用程序非常有效。

First of all, nothing is hackproof, so i wouldn't spend too much time on protecting your software.

The downside of a mechanism based on hardware IDs is when a user buys a new computer or upgrades most of his computer he needs to update the key too.
HWHash is a pretty good HardwareID implementation, but i guess there are more (free) solutions.
At work we use Hardlock and Hasp keys, but these are usbkey solutions which are not very efficient for small applications.

情话墙 2024-07-28 10:19:24

检查这个问题:您使用什么复制保护技术?

它也其他相关问题的链接。

Check this question: What copy protection technique do you use?

It also links to other related questions.

蓝颜夕 2024-07-28 10:19:24

我对已发布的软件保护机制非常警惕,因为它们更有可能发布黑客攻击。 您最好使用一些技术来获取唯一的持久 ID,并使用它来推出您自己的保护机制。 我还认为,每次运行程序时简单地检查许可证是一个糟糕的主意,因为这会导致黑客找到您的保护机制的位置。 IMO,您最好以更随机的方式检查许可证,并且每个会话不止一次。

FWIW,我将硬件锁(搭扣)用于我的高端桌面软件,并在移动解决方案上使用基于设备 ID 的许可。 如果您在垂直市场上销售少量高成本软件,恕我直言,良好的许可证保护机制是有意义的,并且硬件加密狗运行良好。 我的经验是,如果没有做到这一点,人们使用的许可证将会多于他们购买的许可证。 对于大容量、低成本的软件,我倾向于容忍基于用户群规模和产品知名度增加的盗版。

I'd be very wary of published software protection mechanisms, as they are much more likely to have published hacks. You are probably better off using some of the techniques to get a unique persistent ID and use this to roll your own protection mechanism. I also think that it is a poor idea to simple check the license whenever you run the program, as this leads the hacker to the location of your proection mechanism. IMO, your are better checking the license in a more random fashion, and more than once per session.

FWIW, I use hardware locks (hasp) for my high end desktop software, and device ID based licensing on mobile solutions. If you are selling small quantities of high cost software in a vertical market, IMHO, a good license protection mechanism makes sense, and hardware dongles work well. My experience has been that people will use more licenses than they purchase if this is not in place. For high volume, low cost software, I'd tend to live with the piracy based on increasing the size of the user base and product visibility.

凉栀 2024-07-28 10:19:24

我正在考虑实施一个良好的许可机制,以有效抵御盗版。 所需的机制不应在每次使用软件时都使用互联网连接。

那么定期在线检查许可证怎么样?

当用户第一次登录时,用户会根据其帐户验证安装,并且许可证文件会存储在用户的 PC 上。 该许可证文件经过加密,包含唯一标识许可证所需的所有数据。 这全部存储在您的服务器上。

许可证文件将在设定的天数甚至几个月内到期。 文件过期后登录会检查帐户并验证其合法性。 此时您甚至可以考虑生成新的许可证文件。

应该有一些智能措施,在用户互联网中断且许可证无法注册的情况下提供一些回旋余地。 也许7天。

如果在新计算机上重新安装软件,用户必须重复验证过程。

正如其他人所说,没有办法击败坚定的盗版者,因为这样的人会破解代码,但这应该可以防止或减缓随意的盗版行为。

I am thinking of implementing a good licensing mechanism that has a good resistance against piracy. The required mechanism should not use an internet connection at each and every time the software is used.

Then how about a periodic online check of the licence?

When the user logs in the first time, the user verifies the install against his account and a licence file is stored on the users PC. This licence file is encrypted and contains all the data needed to uniquely identify the license. This is all stored on your server.

The licence file expires in set number of days or even months. Logging in after the file expires checks against the account and verifies its legitimacy. You might even consider generating a new licence file at this time.

There should be some smarts that give some leeway in the case that the users internet is down and the licence cannot be registered. Perhaps 7 days.

If the software is reinstalled on a new computer the user has to repeat the verification process.

As the others have stated there is no way to beat a determined pirate, since such a person will hack the code, but this should prevent or slow down casual piracy.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文