An alternative to Product Activation

Firstly, let's agree that whatever security system Codegear employs, it will
be cracked; and cracked versions of their software will be available to

Let's also agree that Codegear is unlikely to abandon their policy of
requiring some sort of anti-piracy mechanism.

So I wonder if we could have a *constructive* debate, generating suggestions
for an anti-piracy system which meets Codegear's needs AND that we could
live with. After all, that's much more helpful than just moaning and
complaining, isn't it?

Lots of people (including myself) object to on-line activation, for all the
reasons given in previous threads. I don't propose to go over that again.

Similarly, hardware dongles have gone out of fashion due to costs and
logistical problems (especially when the software itself is downloaded).
Also, OS changes can render them inoperative. Furthermore, if a dongle
should fail at some time in the future, the software would be rendered
unuseable. I don't expect hardware dongles will be regarded as a serious
option by Codegear.

In the '90s Microsoft used a "registration code" which was printed on the CD
case. As I understand it, the code was checked for validity using some
secret algorithm. I don't think it was associated with any particular copy
of the software, so a valid code could be used on any copy of the software
you came across. Interestingly, I recall that typing a string of '1's met
the registration algorithm!

The biggest shortcoming of this system, I would say, is that any valid
registration number could be used on any copy of the software, making piracy
a simple matter of publicising a working registration number.

My suggestion is to tie the registration number to a particular copy of the
software. This would require downloaded software to be, in effect, 'built
on demand', although I propose this would only apply to a small part:
probably the installer or some sort of "signature file". Either the user
could provide a username and password at the point of purchase, which is
somehow embedded into the installer prior to download, or Codegear would
generate them for you (probably the better solution). Each time it was run,
the installer would require you to enter the username and password (which
must match the embedded ones) before the software could be installed. The
user would be responsible for keeping their username and password safe
against loss.

To pirate this software would require sending out a copy of the downloaded
software itself, plus the associated unique username and password. This
would be a very deliberate act of piracy and would probably deter any casual
theft. As no further on-line activation would be required at any time, a
system like this would suit me fine (and, I think, my employer).

I realise this security system could be circumvented simply by doing what
I've described in the previous paragraph. But let me remind you that
D2007's product activation was itself cracked within a few days of release!
So we will never end up with a bullet-proof system.

Software sold on CD/DVD is more difficult, because the system I've described
would require each disk to be different (with its own, unique, embedded
username and password). I imagine this would be impractical, but don't
really know.

I'm no expert, as you will have noticed! Can anyone suggest solutions that
would keep Codegear happy AND its customers?