I have actually played with the notion of writing program data (expiration dates, installation keys, etc.) to physical hard disk sectors. Note that I
played. Fortunately, I came to my senses when I realized that this approach to anti-piracy was two shades darker than unethical and somewhat impractical on modern systems. First, ignoring the ethical implications for a time, we have a problem convincing HAL that direct disk access to a hard drive is quite all right. A persistent programmer would probably get around this snag.
I did experiment with the distribution of a special floppy disk, intended to serve as an installation key. One more instance of "good" idea that was really,
really bad. The concept was simple: write a key value to the Total Sectors field in the floppy boot sector and then read the value from the VB app. The floppy couldn't be copied because 30mb wasn't a valid size for a floppy disk. (I actually tested this under Win9x and using the WinImage disk utility. I forgot to test the concept under NT, which ignores the value of the Total Sectors field). At the time, I thought I had stumble across a good idea so I posted my whimsy as a FAQ (not even a good tip) in faq204-53. One of these days I'll ask Tek-Tips management to delete it.
I took the "floppy key" idea a bit further by encoding license keys (one for each seat purchased) in the sizes of the files in the floppy root directory. This idea had some merit because NT refused to copy a 1.44mb floppy containing 2,300,000,000 bytes of data.
Alas, I abandoned this approach when a friend took me aside and gently pointed out the meaning of life:
![[morning]](/data/assets/smilies/morning.gif "[morning] [morning]")
[tt]
1) You can't download a floppy over the Internet.
2) Floppys are prone to failure, especially when they are handled by multiple users.
3) I could have developed quite a few useful applications during the time I wasted trying to find a foolproof method of preventing users from redistributing an application that just wasn't worthy of the effort.[/tt]
I assume that Chelseatech has already ironed out the various wrinkles that could prevent an "expiration date" scheme from working and (s)he is just looking for a fairly secure location to store the date. I'm going to go out on a limb here (Strongm, don't hit me too hard!) and suggest a relatively novel approach. Perform some sort of simple text transformation on the date (anything that makes it look like something other than a date). Then save that value to the program executable file.
You'll find a fairly bad example of this sort of thing in thread713-552002 (you'll find a way to hard-code a string variable
after an app has been compiled and distributed).
This doesn't address the problem of re-installation. You should pass an authorization key to the user by email or phone.
This doesn't address the problem of folder permissions or user policies. If an application isn't allowed to write to "C:\Program Files" it certainly won't be allowed to modify itself. The program would have to be installed and initialized by somebody with full access. And, ahhhh, the question of permissions.... If the user doesn't have permission to write to the program folder, he probably doesn't have permission to install your software.
None of this addresses the problems posed by "Citrix/Terminal Server environment". That could be a tough biscuit to chew.
In the end, there is only one simple solution: Step back and take a look at the application you are trying to protect. Is it such a killer app that crackers will be lined up trying to find ways to pirate a free copy? Then scale your anti-piracy efforts according to the marketable value of your program.
All this might be easier than you thought.
![[yinyang]](/data/assets/smilies/yinyang.gif "[yinyang] [yinyang]")
Real men don't use Interrupt 21h.
