I want an effective solution to prevent piracy and manage licensing of my java desktop application

3

I am developing software that will be useful during search engine optimisation of a website. This software is a desktop java application.

I have heard that (specifically) Java applications can easily be hacked into.

Are there good solutions that prevent piracy and allow me to sell licenses of my software?

Licensing Software Licensing

asked Aug 20 '11 at 00:16
Blank
User893664
18 points
  • I think that this question is better suited for the Stack Overflow board. – Joseph Barisonzi 12 years ago
  • Dont make it available to other people. Only thing that ever worked reliable. – Net Tecture 12 years ago
  • http://www.excelsior-usa.com/articles/java-obfuscators.html My article about Java code protectionconsiders four ways to make your Java code less vulnerable. One of those also acts as a copy protection mechanism that would be very expensive to circumvent. – Dmitry Leskov 12 years ago

6 Answers

11

I'm founder of the company that makes LimeLM, a licensing and online activation product. We have examples showing how to use LimeLM & TurboActivate with Java. Also, if you want to prevent your compiled jar from being decompiled we recommend using ProGuard in tandem with LimeLM. ProGuard is a free and open source obfuscator for Java.

If you have any questions we'll be glad to give you a hand.

Tell me if this helps.

What's the use of copy protection?

This point was raised in another answer, so I'll address it here. Every copy protection can be cracked. This is an indisputable fact. So that raises the question: what's the point of copy protection if it can be cracked?

Here's the answer: casual piracy.

Customers using the same product key over and over again (aka casual piracy) can cost you real money. It's rarely malicious -- these customers aren't wringing their hands while giving their best evil villain laugh. It's much more banal. It's usually the department in a company that buys the licenses is different than the department in the company that actually handles the licenses.

This is why you need strong hardware locked licensing. It will tell your customers when they've used their allotted licenses so they can purchase more. Then they can purchase more licenses and be merrily on their way.

The Business Software Alliance does a yearly study on casual piracy -- check out their studies if you need further proof.

But what about crackers?

If it exists on a computer it can be cracked. You can't stop crackers. All you can do is increase your revenue by dealing with casual piracy.

answered Aug 20 '11 at 00:30
Blank
Wyatt O'day
964 points
  • +1 for not creating the illusion of uncrackable software – Ccellar 12 years ago
  • +1. Yes. It works for specific caes, it wont stop real thieves. Pointing this out makes you serious. Well formulated. – Net Tecture 12 years ago
  • +1 for distinction between "casual piracy" and crackers – Hartley Brody 12 years ago
  • Hello Wyatt, I am very interested in this. Do you have any one going live with this? – Kim Jong Woo 12 years ago
  • @Kim - Yes, we have a large number of customers using LimeLM. Everyone from small companies to Fortune 500 companies. If you want to chat with some of our customers then email me at [email protected] and I'll get you in touch with some. – Wyatt O'day 12 years ago
  • @WyattO'Day, ah I just wanted to see if this was production ready. Are you available to chat right here onstartups chatroom? I have some questions regarding Java app deployments with LimeLM. http://chat.stackexchange.com/rooms/1293/onstartupsKim Jong Woo 12 years ago
  • @KimJongWoo I've sent you an email. If you have any other questions I'll be glad to help. – Wyatt O'day 12 years ago
  • @WyattO'Day thank you. – Kim Jong Woo 12 years ago
3

The best solution is protecting your product by design. If possible you should not ship the most important part with the software. This part is usually some of your application business rules and some other times it's some kind of data.

In your case, a good Idea is shipping user interface as desktop application and make it dependent to some sort of updates.

Example 1: Antiviruses need to be updated with the last virus signatures (data is critical here, and the engine is shipped with product)

Example 2: You have a diet program which gets some information from user (sex, age, height, weight...) and offer a weight loss program. Hide the business rule (diet program) by connecting to a web service over the internet.

Remember, due to different internet speed of users you should limit this connectivity and don't use it for real-time sensitive works (like painting on a canvas).

So, you need to think if it is possible to do some change in design instead of looking for theft-proof software locks/obfuscators.

answered Aug 21 '11 at 07:33
Blank
Xaqron
311 points
  • -1. Sorry, this wont work in every scenario. Or during outages. Always on internet copy protections are generally awfull if not needed. I expect a MMORPG to be always on, or my brokers trading platform, but neither anti viros a diet program should require internet connection (sans updates, but those are not always). – Net Tecture 12 years ago
  • Beauty is in the eye of the beholder. – Xaqron 11 years ago
2

I want to know of a good solution that prevents piracy and allows me
to sell licenses of my software.

There is no good copy protection.

Look at all the high cost games, all spending huge amounts on copy protection and every approach is cracked fast. Game over.

Go for something cheap (computer name, SID vs. license file) to keep casual copying away and otherwise forget it. People want to copy it? It will be copied and your copy protection will be laughed at, regardless how much you spend.

They can not even keep Blue Rays copy protected. Or AAA games that spend significant amounts of money on copy protection schemes.

answered Aug 20 '11 at 01:40
Blank
Net Tecture
11 points
  • Again, I removed the unnecessary rudeness. That is not the kind of site we are. We are all here to learn from each other. – Zuly Gonzalez 12 years ago
1

(Disclosure - I work for Agilis Software, who provide Java license management tools).

First of all, there are well-tested and sophisticated commercial license management solutions out there. Since your application is in Java you probably want to make sure the licensing tool is multiplatform Java too, so you don't introduce platform dependencies. This is also a good sign that the vendor actually understands the special issues raised with protecting Java apps (and not just wrapping some C code and calling it a Java library).

When it comes to security there are actually two independent issues to consider:
- Protecting your intellectual property (IP), and
- Ensuring the license check is not circumvented.

Techniques that meet the latter goal include checking a digital signature of the license-checking library at run time (to ensure it hasn't been spoofed or tampered with), exception based flow of control and flow-control obfuscation. Encryption is the usual approach for the first goal, and there are several tools on the market that do this.

Hope this helps,

Dominic

answered Nov 10 '11 at 08:04
Blank
Dominic
21 points
  • -1. Sorry. Every software worth copying is copied and cracked. Every. Even vbery highly paid game copy protection systems often get cracked day 1. There is no protection. Point. It only works in specific scenarios (corporate due to legal hassle, or crap software noone puts the energy in). Talking around the fact that no copy protection ever lasts on worthy content.... sort of does not make it magically work. Check "ThePirateBay.org" for a nice list of how to bypass copy protection. – Net Tecture 12 years ago
0

It looks like the TrueLicense project has been revitalized. it's new webpage is http://truelicense.java.net/. I've implemented TrueLicense in a new Swing application I've built. I had to adapt the suggested usage a bit so that I can create license strings that users can copy and paste instead of license files.

At least studying this library and reading the documentation will help you understand better how a licensing solution would work.

answered Jan 18 '12 at 11:48
Blank
Aaron
1 point
0

What you want is to maximize your profits.

You need to be aware that implementing any anti-piracy measures degrades the user experience for people who pay you money i.e. generate your profits.

When talking about piracy people usually consider only one aspect: revenue potentially lost to piracy.

You need to consider potential revenue lost because a user was unable to properly unlock your software even after paying you or potential revenue lost due to negative word of mouth (e.g. a paying customer frustrated with your anti-piracy scheme wrote a negative review of your software) or revenue lost because you were spending your time implementing anti-piracy measures when you could have been improving your software.

I'm not saying you shouldn't add anti-piracy measures. I am saying that you should weight all sides of the equation (as opposed to blindly assuming that anti-piracy measure are good for your profits) and if you do implement anti-piracy measures, make sure that they have minimal impact on your paying customers.

As NetTecture said, there is no "effective" solution to piracy. Apple is unable to prevent people from finding a way to jailbreak every version of iOS and you can bet they spend significant resources on that.

answered Jan 18 '12 at 18:15
Blank
Krzysztof Kowalczyk
1,950 points

Your Answer

  • Bold
  • Italic
  • • Bullets
  • 1. Numbers
  • Quote
  • Link
Not the answer you're looking for? Ask your own question or browse other questions in these topics:

Licensing Software Licensing

Topics

Stats

Viewed 8.13K times

Asked 12 years ago

Last Update 10 years ago

Related

5 Best NYC Mobile App Development Companies