Re: An alternative to Product Activation
- From: "Jan Derk" <none@xxxxxxxxx>
- Date: 17 Apr 2007 13:08:19 -0800
Steve Thackery wrote:
Firstly, let's agree that whatever security system Codegear employs,
it will be cracked; and cracked versions of their software will be
available to download.
Let's also agree that Codegear is unlikely to abandon their policy of
requiring some sort of anti-piracy mechanism.
So I wonder if we could have a constructive debate, generating
suggestions for an anti-piracy system which meets Codegear's needs
AND that we could live with. After all, that's much more helpful
than just moaning and complaining, isn't it?
Lots of people (including myself) object to on-line activation, for
all the reasons given in previous threads. I don't propose to go
over that again.
Similarly, hardware dongles have gone out of fashion due to costs and
logistical problems (especially when the software itself is
downloaded). Also, OS changes can render them inoperative.
Furthermore, if a dongle should fail at some time in the future, the
software would be rendered unuseable. I don't expect hardware
dongles will be regarded as a serious option by Codegear.
In the '90s Microsoft used a "registration code" which was printed on
the CD case. As I understand it, the code was checked for validity
using some secret algorithm. I don't think it was associated with
any particular copy of the software, so a valid code could be used on
any copy of the software you came across. Interestingly, I recall
that typing a string of '1's met the registration algorithm!
The biggest shortcoming of this system, I would say, is that any
valid registration number could be used on any copy of the software,
making piracy a simple matter of publicising a working registration
My suggestion is to tie the registration number to a particular copy
of the software. This would require downloaded software to be, in
effect, 'built on demand', although I propose this would only apply
to a small part: probably the installer or some sort of "signature
file". Either the user could provide a username and password at the
point of purchase, which is somehow embedded into the installer prior
to download, or Codegear would generate them for you (probably the
better solution). Each time it was run, the installer would require
you to enter the username and password (which must match the embedded
ones) before the software could be installed. The user would be
responsible for keeping their username and password safe against loss.
To pirate this software would require sending out a copy of the
downloaded software itself, plus the associated unique username and
password. This would be a very deliberate act of piracy and would
probably deter any casual theft. As no further on-line activation
would be required at any time, a system like this would suit me fine
(and, I think, my employer).
I realise this security system could be circumvented simply by doing
what I've described in the previous paragraph. But let me remind you
that D2007's product activation was itself cracked within a few days
of release! So we will never end up with a bullet-proof system.
Software sold on CD/DVD is more difficult, because the system I've
described would require each disk to be different (with its own,
unique, embedded username and password). I imagine this would be
impractical, but don't really know.
I'm no expert, as you will have noticed! Can anyone suggest
solutions that would keep Codegear happy AND its customers?
I have said this before. The solution is simple: When a newly installed
Delphi IDE is *not* able to reach the activation server, assume it is
legal. This way we can all keep working if CodeGear or their activation
servers go out of business. No escrow needed.
When the activation server is up and the product code has been used too
often, popup a dialog stating that and disable the new installation.
The message should say: Please login into your CodeGear account and
disable activations on computers that are no longer in use.
Yep, one can keep the network cable unplugged at all time to circumvent
it, but only one activation try has to be successful to disable illegal
Delphi versions. Plus this circumvention is more inconvenient than
downloading the latest cracked version.
IMHO activation should not be called activation, but a license manager.
Let's face it, the bad guys already have their cracked D2007 downloaded
and installed and new releases will always be cracked within days.
CodeGear should stop thinking about the activation as a means of
stopping the criminals and turn it into a tool that actually helps me
and companies to easily see how many licenses I own and on how many
computers they are installed upon.
There should have an option to see online how often and on which
computer Delphi is activated. *And* an option to deactivate PCs that
are no longer in use. If this were possible I would be happy to only be
allowed installing Delphi on 3 or 5 computers or so instead of 15 as it
is right now. This would reduce the amount of casual piracy, because
D2007 can be legally be installed for 15 developers in your company
before it starts to protest.
- An alternative to Product Activation
- From: Steve Thackery
- An alternative to Product Activation
- Prev by Date: Re: My 2 cents
- Next by Date: Re: My 2 cents
- Previous by thread: Re: An alternative to Product Activation
- Next by thread: Re: An alternative to Product Activation