Infralution Support

Javier · Joined: 09 Oct 2009 Posts: 215

I sold a couple of licenses to a company. A friend of mine that works in that company told me that some of the employees installed my software in their home computers, just by changing the computer name to match the office computer name.

Any ideas to prevent this?

Infralution · Joined: 28 Feb 2005 Posts: 5027

It is possible to lock licenses to hardware characteristics (such as MAC address) that may help prevent some isolated copying such as this (see http://www.infralution.com/phpBB2/viewtopic.php?t=1407). However we don't recommend it because we think that locking licenses to the computer name provides a reasonable level of license security (it prevents blatant copying within an organisation) while ensuring that your legitimate customers will always be able to run the software they have purchased (even they change their hardware or you are no longer in business).

One possible enhancement you could make is to include the network domain name in the Computer name (by overriding GetComputerId as described in the FAQ above). Unfortunately this is not currently possible using pure .NET code (hence we don't do it by default). See this blog for details on how to get the domain name using pinvoke.
_________________
Infralution Support

Javier · Joined: 09 Oct 2009 Posts: 215

Yes, the issue of locking licenses to the MAC address has been extensively discussed in this forum. Unfortunately, the computer name lock is sometimes too flexible. Something in between is required.

Infralution · Joined: 28 Feb 2005 Posts: 5027

Including the network domain name would mean that to get a license to work with another computer the user would have to get both their computer name and network domain name to match.

To implement this you would derive a new class from AuthenticatedLicenseProvider and override the GetComputerID method to add the domain name to the computer name (using the link I posted before to get the domain name).

Even MAC address and other hardware characteristics can be faked. It is worth reading this article on code project - if you haven't already - about the pros and cons of different licensing solutions. We think that locking to the computer name provides a reasonable deterrent to license copying without many of the drawbacks listed in the article of other activations schemes.
_________________
Infralution Support

Javier · Joined: 09 Oct 2009 Posts: 215

Infralution · Joined: 28 Feb 2005 Posts: 5027

From the blog link it looks like the call returns the Workgroup name if the computer is not part of a domain.

The laptop joining different domains would probably be a problem I think - so this may not be a viable suggestion.
_________________
Infralution Support

Javier · Joined: 09 Oct 2009 Posts: 215

Well, the only other thing that could help to avoid this kind of unauthorized licenses is the company name embedded in the license, as discussed at the end of this thread: http://www.infralution.com/phpBB2/viewtopic.php?t=1821

The problem that I see is that you would need to know the company name for every new customer, then create a checksum of it in the license, and then internally check the company name match. Of course the unscrupulous employee will know the company name as well, but at least the company name will show up in every screen and printout, not his name.

At the end of the above thread you concluded that this was not a good idea. Of course collecting the company name in advance is an additional task to do, but in addition to that, do you see any other drawback?

Infralution · Joined: 28 Feb 2005 Posts: 5027

I don't see any other drawbacks in including the company name if you believe that will give you some extra security.
_________________
Infralution Support

FusionDigital · Joined: 25 Jul 2009 Posts: 2 Location: Auckland, NZ

Couldn't you use Environment.UserDomainName to include the NT domain name? It won't work for workgroups, but it has the advantage that it will be very frustrating to get a license to validate without having an NT domain named the same as the company domain (because Environment.UserDomainName returns the computer name if there's no NT domain, and Infralution uses that for the other part of the validation).

Infralution · Joined: 28 Feb 2005 Posts: 5027

The only problem with using the UserDomainName is that if the computer is a laptop that sometimes is connected to a domain and other times not the UserDomainName will return different results and so your license would only work when connected to the domain.
_________________
Infralution Support

Infralution · Joined: 28 Feb 2005 Posts: 5027

Another alternative to locking to the Computer Name is to lock to the Windows Serial Number. See the following blog on obtaining the Windows Serial:

http://july-code.blogspot.com/2008/08/how-to-get-windows-serial-number-and.html

This is a bit harder for users to change to obtain a license. However it does have the disadvantage for your users that if they install a different OS their license will no longer work. I think this is still better then locking to hardware characteristics.
_________________
Infralution Support

Javier · Joined: 09 Oct 2009 Posts: 215

Yes, this looks a little bit more flexible than MAC lock, but still quite rigid. Locking to hardware vs locking to software. With the current pace of the technology, instead of installing a new OS in your old computer it's cheaper to buy a new computer which includes the new OS. If this is true, then this solution is the same as MAC lock.