Encoding routines

Hi all,

I'm pretty new here, so I hope this hasn't been posted too much before.

I have a client who wishes to have me write many programs for him, but he wants me to send him some "samples" of some of my better routines.

Obviously i don't want to just go handing my programs out to anyone, but this client is potentially worth a fair bit to me.

Is there any way possible that i can encode the routines to either require a password, or have some kind of timer in them whick will destroy the routine after a week or so?

Any help on this matter will be much appreciated.

Thanks

Craig Turton

 

Do a search through previous posts (in this group) for time, timer, protect
and password. You'll find a ton of stuff and ideas on program protection
schemes.

 

Just have it stop working on a certain date.

Rick

 

so, would i just enclose my routine in say:

(if (< (getvar "cdate") date)
(progn
(.....)
)
(progn wont work)
)

and then compile into VLX?

Can people use tools to 'unencode' compiled VLX? if so is it easy for people to find such tools?

Thanks

 

Just have it stop working on a certain date.

A very simple way to do this is to enclose all of the code in one big if:

(princ "\nCool Lisp Sample blah blah blah")
(princ "\nCopyright 2004 Joe Blow All Rights Reserved.")
(if (> (getvar "cdate") 20050401) ;April 1 2005
(progn

<the entire existing file goes here>

)
)
(princ)

This prevents the code from even loading after the given date. This isn't
bulletproof protection but it might to be good enough for Craig's purposes.

 

So there is no need to worry about the VLX or FAS being uncompiled at the moment?

BTW thanks for the speedy replies.

 

Reportedly, FAS and VLX files *can* be hacked (but you won't find out how
it's done on these forums). But if you really want to work with this
particular client, you'll just have to put aside your paranoia and treat him
as an honest person at least until you can prove otherwise.
___

 

In addition to Paul's comments...

Nothing's perfect. The real question is whether it would be worth the time,
effort, or aggravation to defeat your program's protection and/or
reverse-engineer it. In many cases, a person who knows enough to "hack" a
compiled program probably knows enough to write it himself anyway.

The simple time-out trick is easy to defeat by setting your system clock
back. (That's why I wouldn't include an "or else" error message like "Trial
period has expired.") But realistically, hardly anyone is willing to have a
wrong date on their computer just for the sake of running one routine. It
plays havoc with your file organization and just isn't worth it.

You mentioned samples of your "better routines." If these represent
significant value and time, I'd suggest not giving away the whole thing in
the demo, regardless of the protection scheme. For instance, if a routine
can do 6 different things, remove the code for all but one or two
representative things. Or show the dialog box interface but remove all the
code that actually does anything in the drawing. You could show the finished
results in a dwg file, and how the interface works, but without including
anything that could actually be used. If you leave out significant chunks of
your code, then it's not there to be stolen.

Just some thoughts. Search previous threads for methods you might use to
protect the finished products, if you actually sell some programs.

 

Hi Craig,

A simple to implement scheme would be to put a zoom centre command in the
code and zoom to something impossibly small and there display a note that
this is a demonstration version, please erase the text then do a zoom
previous.


--


Laurie Comerford
CADApps
www.cadapps.com.au

wants me to send him some "samples" of some of my better routines.

this client is potentially worth a fair bit to me.

a password, or have some kind of timer in them whick will destroy the
routine after a week or so?

 

Why so fancy? I just use a simple (alert ...) function for nag screens.
___

 

You're kidding right? A simple massaging of qaflags thwarts that.

Why so fancy? I just use a simple (alert ...) function for nag screens.
___

 

Not kidding at all. Remember, this is to be compiled code, and all that
needs to be done is

(setvar "qaflags" 0)
(alert "This is a Nag Screen!")

so whaever the user sets qaflags to before running the code will be
"thwarted" by the code itself. And if you want to be cute with it, you can
save the user's value of qaflags and restore it after the nag screen. No big
deal.
___

 

I could be mistaken, but cannot one code a simple reactor to intercept changes to qaflags, forcing it to 0?

Not kidding at all. Remember, this is to be compiled code, and all that
needs to be done is

(setvar "qaflags" 0)
(alert "This is a Nag Screen!")

so whaever the user sets qaflags to before running the code will be
"thwarted" by the code itself. And if you want to be cute with it, you can
save the user's value of qaflags and restore it after the nag screen. No big
deal.
___

 

How about writhing to the registry, like this.
When the program starts ask for the key code with DEMO as a default.
Write the encoded word plus today date and the number of records in a
data file. Assuming your routine adds records to this data file.
Also update a data file with a flag that the countdown has started.
This way if the registry entry has been deleted the data file will alert
the routine of that fact. "Error, Registry damaged" and quit.
When the expiration date is reached or the number of new records is
reached the registry is updated with expired flag.

 

Who are you proposing would use such a reactor -- the person writing the
code, or the one trying to defeat the nag screen? If the user "forces it to
0," that's exactly what I would want; maybe you're thinking of a value of 4,
rather than 0. Perhaps a reactor could be devised to intercept changes to
qaflags, but if anyone is *that* paranoid, they simply shouldn't be
distributing files at all. This whole thread is getting a bit ridiculous.
___

 

You're dismissing my post as ridiculous? Is this not a forum to exchange ideas?

I'm just trying to point out there are many simple ways to thwart simple protectionist measures like compiling in the vlide and the
use of dialogs etc. The issues remain, regardless whether you wish to dismiss them as paranoia.

Who are you proposing would use such a reactor -- the person writing the
code, or the one trying to defeat the nag screen? If the user "forces it to
0," that's exactly what I would want; maybe you're thinking of a value of 4,
rather than 0. Perhaps a reactor could be devised to intercept changes to
qaflags, but if anyone is *that* paranoid, they simply shouldn't be
distributing files at all. This whole thread is getting a bit ridiculous.
___