How do I copy-protect my Java application? [closed]
Asked Answered
C

6

30

I want to sell my Java application using PayPal. When a payment is received, the customer is mailed a one-time download link to my application.

My question is, how do I prevent people from sending the .jar file to their friends/uploading it on the internet?

Obviously I need some kind of check in the application which only allows it to run on one computer. And that's another problem, I don't want a customer to have limitations on one computer, they should be able to run it at home and work etc.

Maybe some kind of cd-key would do the trick? Is there any cd-key resources for Java out there? Or should i build my own algorithm? Here comes yet another problem, reverse engineering..

Please help me solve this :)

Calci answered 5/9, 2010 at 18:37 Comment(1)
This question may be of use - https://mcmap.net/q/500198/-serial-keys-what-to-doGilda
P
34

The most common way to handle this is: customer gives you money, you generate a unique unlock key and provide that to the customer. The key should be a valid unlock key, and it should encode identification information about the user. Customer uses that key to install on as many of their computers as they like, or is allowed by the license.

Don't worry about reverse-engineering. Your product, if it's at all popular, will be pirated - you'll find unlock keys online if you look hard enough. If you like, you can take that as a compliment - someone liked your software enough to steal it. Cold comfort, I know, but the alternative is to get in an arms race with the pirates, and you won't win that. In the end, a few percent of the population will steal software, and you can't do much about that. You can use the key's identification information, if your scheme is strong enough, to trace who released the key in the first place.

Peyote answered 5/9, 2010 at 18:44 Comment(5)
I'm going to need an online lookup service for the keys right?Calci
I really LOVE the second paragraph, especially the you won't win the pirates part. They want to copy (or steal, if you want to call it that way) your software, they'll do it. You can't oppose.Quietly
You can check the key online, limiting how often they are installed, though a reverse engineered program doesn't have to do this.Phrase
Michael - Do you have any example of how to implement your suggestion in Java?Pyrophoric
@AlbaMendez It's bad advice in my opinion. I've used copy protection before and it helped tons in stopping piracy (product was popular). I didn't have any copies on torrent, only some keys that i continually disabled in future versions.Lanthanum
D
9

Actually there are a number of license management solutions that can help, but the REAL problem is that all of they can be cracked. I've personally tried the most expensive to the cheapest. Finally I rolled my own, and I check the software's pc details (mac id, etc.) against the recorded details in my server every time the software is run. Because my software is tightly tied to the Internet, it is okay, but I am sure it will be cracked one of these days.

What you probably need is to police the Internet regularly, and find where your software is being pirated, contrary to the popular belief you can actually stop them in most cases. Just serve a DMCA to the downloading website (most of them will comply), and you will be able to get your software removed in about 80% of the cases. I've done and experienced it on my software. Some people do not remove, but I've found that in the 1.5 years I've been doing this, my sales have improved.

I also use a service -- http://spotpiracy.com which helps me find these links apart from my own manual research (i have a guy dedicated to this). :)

Disorient answered 29/1, 2012 at 13:36 Comment(0)
I
6

Everyone has their own opinion on this subject so expect lots of different advice. Here's my take on it:

  • 1. Obfuscate your code (proguard is recommended)
  • 2. Offer a FREE version with full capabilities for a trial period
  • 3. Use a serial number routine based on the registering users email or other unique info

Overall you will have to accept a certain amount of piracy, but if your application is worthy people will pay for it. Honest people will be honest and copy protection will not make dishonest people honest.

Isogamy answered 5/9, 2010 at 18:44 Comment(4)
It's easier to crack a version with a trial period. You already have the full version, all you need is to fake the time.Skirmish
That goes back to several of my points - keeping honest people honest, obfuscation, and accepting that you will not defeat piracy.Isogamy
not entirely true. In some cases, badly implemented DRM will prevent honest people from doing things that they are entitled to do (by law), and cause them to break your DRM. (Or throw your software out of the nearest window, and never do business with you again!)Buchheim
Very true Stephen, good pointIsogamy
E
3

In my opinion, if you don't know exactly how you will protect your source code efficiently, then don't start trying to hash something together yourself based on hardware. It will be too easy to break, and most likely just annoy your customers.

I would sugest you have a look at how Atlassian does this. They happen to sell Java software, and apparently do quite well. http://www.atlassian.com/ Try downloading e.g. JIRA and play with an installation. This will give you a good idea of how their licensing scheme works, and what users can reasonably expect from professional software.

Entopic answered 5/9, 2010 at 19:54 Comment(0)
D
2

You must implement licensing capabilities.

Here is one interesting resource as a starter: http://members.chello.at/stefan-schneider/JavaLicenseKit.html

Disappoint answered 5/9, 2010 at 18:41 Comment(0)
F
1

In my old c++ days i get in arms to front the piracy using MAC Address code protection, very nice and really no body stole my software uppone the mac address protection because i always force the OS to re-read the real mac avoiding mac overrides. That was on C++ coding having direct access to local resources.

thats not the case today, nither in java applications in which the code is located in .class files that can always being decoded back to the original source code (yes it is possible, and very easy to find tools to do so).

i think, as resume, it is impossible to protect java programs agains piracy. i find no way like the old golden c++ days :)

Fleenor answered 25/11, 2013 at 4:8 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.