Click here to Skip to main content
15,908,166 members
Home / Discussions / C#
   

C#

 
GeneralRe: Control development quesions Pin
Mazdak1-Jan-04 22:45
Mazdak1-Jan-04 22:45 
GeneralRe: Control development quesions Pin
Heath Stewart2-Jan-04 5:28
protectorHeath Stewart2-Jan-04 5:28 
GeneralRe: Control development quesions Pin
Mazdak2-Jan-04 6:11
Mazdak2-Jan-04 6:11 
GeneralRe: Control development quesions Pin
Heath Stewart2-Jan-04 6:47
protectorHeath Stewart2-Jan-04 6:47 
GeneralRe: Control development quesions Pin
Mazdak2-Jan-04 7:23
Mazdak2-Jan-04 7:23 
GeneralRe: Control development quesions Pin
Heath Stewart2-Jan-04 9:03
protectorHeath Stewart2-Jan-04 9:03 
GeneralRe: Control development quesions Pin
Mazdak2-Jan-04 9:52
Mazdak2-Jan-04 9:52 
GeneralRe: Control development quesions Pin
Heath Stewart2-Jan-04 10:05
protectorHeath Stewart2-Jan-04 10:05 
ANYTHING you put in your assembly is visible to other people. If you use a password, they can see that. If you use a private key to decrypt information, they can see that. If you use a custom hash algorithm to hash your password so that only you can retrieve it (so you think), they can see that and run the same thing. Heck, even using the HTTPS mechanism I talked about can be replicated, but if your application accesses secure resources over the Internet, you at least have control over who/what you allow to access your service.

This is a big topic of software security and there are a lot of books and what-not out there.

If you're doing this for licensing reasons, there are more options available. Check out my article for instance, Using XML Digital Signatures for Application Licensing[^]. This is only conceptual, I remind you, and - being that it uses IL - it can be cracked (like I said before, anything can - it's just a question of the cost of resources compared to the cost of the information). You can bury the implementation in complexity, though.

There are many other solutions out there, too, such as XHEO[^] that use the same idea but gives you lots of default implementations (since mine is merely a discussion into the concept, not a full-blown solution) like communicating with a server. Some will even use a MAC address of a NIC or the ID on a CPU (for those that support it, although this can be very difficult and not reliable since not all CPUs have it (or enable it)).

.NET is hard to protect because of the ease of seeing information, which is why you might consider doing licensing in a native DLL - and there are many solutions and articles about this on the 'net.

Why am I mentioning licensing? Because you should allow your application to access protected resources with its own credentials because, as I said, those credentials can be hacked. Many applications will make use of Windows credentials, which are harder to hack and are provided by the Windows clients and servers. If you use licensing in your application, you (mostly) ensure that undesirable users aren't using your program, and that they use their credentials to access resources. There's also some lessons to be learned in these different approaches.

For instance, our application uses SQL Server over the LAN or through .NET Remoting on the Internet. We ask the user for credentials that are passed to SQL Server and validated. The program doesn't do this themselves - the person is required to provide credentials to protected resources. If we just let the application do it, we would have to store the same credentials for everyone (or encrypt them to an individual file for each person) which means that anyone can see them - even users that aren't paying for our system!

 

-----BEGIN GEEK CODE BLOCK-----
Version: 3.21
GCS/G/MU d- s: a- C++++ UL@ P++(+++) L+(--) E--- W+++ N++ o+ K? w++++ O- M(+) V? PS-- PE Y++ PGP++ t++@ 5 X+++ R+@ tv+ b(-)>b++ DI++++ D+ G e++>+++ h---* r+++ y+++
-----END GEEK CODE BLOCK-----
GeneralRe: Control development quesions Pin
Mazdak2-Jan-04 10:26
Mazdak2-Jan-04 10:26 
QuestionRSS in these messageborads??? Pin
Mohsen Sajjadi1-Jan-04 21:24
Mohsen Sajjadi1-Jan-04 21:24 
AnswerRe: RSS in these messageborads??? Pin
Colin Angus Mackay1-Jan-04 22:16
Colin Angus Mackay1-Jan-04 22:16 
AnswerRe: RSS in these messageborads??? Pin
Heath Stewart2-Jan-04 5:19
protectorHeath Stewart2-Jan-04 5:19 
GeneralNot sure? Help! Pin
Member 7957781-Jan-04 17:58
Member 7957781-Jan-04 17:58 
GeneralRe: Not sure? Help! Pin
Colin Angus Mackay1-Jan-04 22:11
Colin Angus Mackay1-Jan-04 22:11 
QuestionC# StreamReader blocks ? Pin
Luther Baker1-Jan-04 11:26
Luther Baker1-Jan-04 11:26 
AnswerRe: C# StreamReader blocks ? Pin
Colin Angus Mackay1-Jan-04 11:53
Colin Angus Mackay1-Jan-04 11:53 
GeneralRe: C# StreamReader blocks ? Pin
Luther Baker1-Jan-04 19:22
Luther Baker1-Jan-04 19:22 
GeneralC# select equivalent Pin
Luther Baker1-Jan-04 11:20
Luther Baker1-Jan-04 11:20 
GeneralRe: C# select equivalent Pin
Heath Stewart2-Jan-04 5:12
protectorHeath Stewart2-Jan-04 5:12 
GeneralRe: C# select equivalent Pin
Luther Baker2-Jan-04 7:58
Luther Baker2-Jan-04 7:58 
GeneralRe: C# select equivalent Pin
Heath Stewart2-Jan-04 9:06
protectorHeath Stewart2-Jan-04 9:06 
GeneralRe: C# select equivalent Pin
Luther Baker2-Jan-04 10:19
Luther Baker2-Jan-04 10:19 
GeneralRe: C# select equivalent Pin
Luther Baker2-Jan-04 11:14
Luther Baker2-Jan-04 11:14 
Generalinternet dial Pin
heba_zien1-Jan-04 11:09
heba_zien1-Jan-04 11:09 
GeneralRe: internet dial Pin
Heath Stewart2-Jan-04 4:50
protectorHeath Stewart2-Jan-04 4:50 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.