My project is almost finished, all files including databases, reports and the exe file is put in one folder… where if you double click the exe file, as long as vfp9 is installed, it will run… is there away that i can protect my work, that if they copy it will not work? Please help… thanks…
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How to protect ur work from being copied? 3
- Thread starter Mandy_crw
- Start date
Mike Lewis
Programmer
Mandy,
First, you say, "where if you double click the exe file, as long as vfp9 is installed, it will run".
Your aim should be to allow users to run your program without VFP being installed. I don't know who your program is aimed at, but assuming you are not the only user, is it reasonable for the users to have to purchase and install VFP in order to use your product?
The normal approach would be to distribute certain run-time files with your program. This will allow it to be run independently of VFP. We can give your further advice on that if you need it, but for now, let's concentrate on your main question.
To prevent unauthorised people from running the application, you have a couple of possibilities. One is simply to password-protect it. Prompt for the password when the user launches the executable, and refuse to run if the password is not one that you recognise. Of course, this assumes that your genuine users won't give their own passwords to other people.
Perhaps a better option is to arrange for a hidden file, containing a code that only you know, to be stored somewhere in the user's file system. And to take care not to tell anyone where it is stored or what it contains. Again, refuse to run if the file is not present, or if it doesn't contain the expected code.
Ultimately, though, this sort of method can always be defeated if the perpetrator is determined enough. But you should ask yourself why anyone would want to run your program in this way. Often, developers seriously over-estimate the risks to their intellectual property.
Mike
__________________________________
Mike Lewis (Edinburgh, Scotland)
Visual FoxPro articles, tips and downloads
First, you say, "where if you double click the exe file, as long as vfp9 is installed, it will run".
Your aim should be to allow users to run your program without VFP being installed. I don't know who your program is aimed at, but assuming you are not the only user, is it reasonable for the users to have to purchase and install VFP in order to use your product?
The normal approach would be to distribute certain run-time files with your program. This will allow it to be run independently of VFP. We can give your further advice on that if you need it, but for now, let's concentrate on your main question.
To prevent unauthorised people from running the application, you have a couple of possibilities. One is simply to password-protect it. Prompt for the password when the user launches the executable, and refuse to run if the password is not one that you recognise. Of course, this assumes that your genuine users won't give their own passwords to other people.
Perhaps a better option is to arrange for a hidden file, containing a code that only you know, to be stored somewhere in the user's file system. And to take care not to tell anyone where it is stored or what it contains. Again, refuse to run if the file is not present, or if it doesn't contain the expected code.
Ultimately, though, this sort of method can always be defeated if the perpetrator is determined enough. But you should ask yourself why anyone would want to run your program in this way. Often, developers seriously over-estimate the risks to their intellectual property.
Mike
__________________________________
Mike Lewis (Edinburgh, Scotland)
Visual FoxPro articles, tips and downloads
Mike Lewis,
"Often, developers seriously over-estimate the risks to their intellectual property." I'd say the opposite is true.
Mandy, there is no way to protect VFP data. This is a big reason why employers stopped VFP developement years ago. As far as reports go, you should compile them into your EXE. Password protection is desirable, but users need to create their own passwords that need to be hashed and stored somewhere. At runtime, a user password is hashed and then compared with the stored hash value for that user. This way, no one can gain access to actual passwords - not even you. A password scheme where a single password is hardcoded should never be used. Also, it is difficult to protect source code as there are decompilers out there...
All of this may be overkill for your application. However, VFP programmers need to think about these things (as you are) and come up with solutions as needed. For example, I no longer develope VFP applications using VFP data because of security concerns.
"Often, developers seriously over-estimate the risks to their intellectual property." I'd say the opposite is true.
Mandy, there is no way to protect VFP data. This is a big reason why employers stopped VFP developement years ago. As far as reports go, you should compile them into your EXE. Password protection is desirable, but users need to create their own passwords that need to be hashed and stored somewhere. At runtime, a user password is hashed and then compared with the stored hash value for that user. This way, no one can gain access to actual passwords - not even you. A password scheme where a single password is hardcoded should never be used. Also, it is difficult to protect source code as there are decompilers out there...
All of this may be overkill for your application. However, VFP programmers need to think about these things (as you are) and come up with solutions as needed. For example, I no longer develope VFP applications using VFP data because of security concerns.
- Thread starter
- #4
Mike Lewis
Programmer
Mandy,
With respect, if you wanted to know how to run the application without VFP being installed, why did you ask how to prevent your work being copied? Surely you can see that those are two quite different questions?
If you had actually asked what you wanted to know, you probably would have had an answer by now, and three of us wouldn't have wasted our time giving you information you didn't need.
Mike
__________________________________
Mike Lewis (Edinburgh, Scotland)
Visual FoxPro articles, tips and downloads
With respect, if you wanted to know how to run the application without VFP being installed, why did you ask how to prevent your work being copied? Surely you can see that those are two quite different questions?
If you had actually asked what you wanted to know, you probably would have had an answer by now, and three of us wouldn't have wasted our time giving you information you didn't need.
Mike
__________________________________
Mike Lewis (Edinburgh, Scotland)
Visual FoxPro articles, tips and downloads
-
2
- #6
Chris Miller
Programmer
Mike Lewis,
it's not new Mandy makes up her mind and wants to know more while a thread evolves, and I don't see wrong in it.
Mandy,
that said, you know how often we said it will help to ask separate questions in separate threads. So when you want to know both, ask another question. You don't have to finish one thread to start a new one, you can have multiple questions in parallel threads.
What you're asking here is copy protection of an EXE. If an EXE works, then its copy will also work. It's a copy. So copy protection is never literally copy protection, it is always done by having a routine checking the validity of a license to use the EXE.
There are literal copy protections of CDs, mainly Music CDs, which to some extent also worked for software CDs. But then, as an EXE needs to run, how can you really protect against reading the file? Executing a file is reading and then executing it, albeit execution may already start with just a part of an EXE read in, but in the end the copy protected CD still has to be readable and so you can also read the file to not execute it but burn a new CD or save it to another workstation on a network.
Long story short: Any such physical copy protection was never really hard to overcome. No Software you buy today, not even on retail CDs or DVDs will have such protection, protection is done with cryptographic means and license systems. Product registration is how MS tackles it, and still has to struggle with all kind of piracy. It's not worth the struggle in my opinion.
How to create a setup is described in the help "Walkthrough: Creating a Visual FoxPro Application Setup Program Using InstallShield". Which you find when you search for one of the keywords in this title, I'm sure. If you don't find it or have difficulties walking through it, then ask about it in another thread, please.
Chriss
it's not new Mandy makes up her mind and wants to know more while a thread evolves, and I don't see wrong in it.
Mandy,
that said, you know how often we said it will help to ask separate questions in separate threads. So when you want to know both, ask another question. You don't have to finish one thread to start a new one, you can have multiple questions in parallel threads.
What you're asking here is copy protection of an EXE. If an EXE works, then its copy will also work. It's a copy. So copy protection is never literally copy protection, it is always done by having a routine checking the validity of a license to use the EXE.
There are literal copy protections of CDs, mainly Music CDs, which to some extent also worked for software CDs. But then, as an EXE needs to run, how can you really protect against reading the file? Executing a file is reading and then executing it, albeit execution may already start with just a part of an EXE read in, but in the end the copy protected CD still has to be readable and so you can also read the file to not execute it but burn a new CD or save it to another workstation on a network.
Long story short: Any such physical copy protection was never really hard to overcome. No Software you buy today, not even on retail CDs or DVDs will have such protection, protection is done with cryptographic means and license systems. Product registration is how MS tackles it, and still has to struggle with all kind of piracy. It's not worth the struggle in my opinion.
How to create a setup is described in the help "Walkthrough: Creating a Visual FoxPro Application Setup Program Using InstallShield". Which you find when you search for one of the keywords in this title, I'm sure. If you don't find it or have difficulties walking through it, then ask about it in another thread, please.
Chriss
-
1
- #7
tomk3
Programmer
Hello,
distributing
for distributing an exe you may only need some runtimes or build a full installer.
I prefer innosetup to create an installer for the users for the complete app.
see and
or it may be enough to run the prolib runtime installer and simply copy your exe/datafolder :
Protecting your intellectual property
it depends whom you expect to attack :
A good service maybe the best protection.
A good start is refox, which makes recompiling harder, see You may add protection by checking for hardwareIds like hd serial,..
You may obfuscate your code (split function) so its hard to read , but hard to maintain...
You may add protection by checking for files / registry entries, see other posts.
You may endup using VFPc++ compiler or using Anticopydevices (special usb dongles)
dataprotection
I assume that you use a safe filesystem like MS-SQL.
If the data itsself is your intellectual property and need rare changes you may include it (maybe encrypted) into the protected exe
HTH
Regards
Tom
we still develop and maintain vfp apps (and. .net and ASP, ...) but switched to data on sqlserver.
distributing
for distributing an exe you may only need some runtimes or build a full installer.
I prefer innosetup to create an installer for the users for the complete app.
see and
or it may be enough to run the prolib runtime installer and simply copy your exe/datafolder :
Protecting your intellectual property
it depends whom you expect to attack :
A good service maybe the best protection.
A good start is refox, which makes recompiling harder, see You may add protection by checking for hardwareIds like hd serial,..
You may obfuscate your code (split function) so its hard to read , but hard to maintain...
You may add protection by checking for files / registry entries, see other posts.
You may endup using VFPc++ compiler or using Anticopydevices (special usb dongles)
dataprotection
I assume that you use a safe filesystem like MS-SQL.
If the data itsself is your intellectual property and need rare changes you may include it (maybe encrypted) into the protected exe
HTH
Regards
Tom
we still develop and maintain vfp apps (and. .net and ASP, ...) but switched to data on sqlserver.
Gerrit Broekhuis
Programmer
Mandy,
Have you already compiles your project into an .exe file with VFP?
Once you can do this, you can think about encryption, etc. and can start thinking about creating an installer (for example InnoSetup) to create a proper “setup_your_application.exe”.
Regards, Gerrit
Have you already compiles your project into an .exe file with VFP?
Once you can do this, you can think about encryption, etc. and can start thinking about creating an installer (for example InnoSetup) to create a proper “setup_your_application.exe”.
Regards, Gerrit
- Thread starter
- #9
Mike said:
Hi Mike im so sorry if i have given you that impression, but what you have given me was very helpful, i have put a password everytime my exe file is double clicked.... but aside from that i want to know also how to run my app even without vfp9 installed in my computer... Im really sorry Mike... Thank you... but anyway i will ask in another thread...
Chris.. Thank you for understanding my novice attitude...
Gerrit Broekhuis
Programmer
Hi Mandy,
If you have a .exe all you need to run this without VFP is the VFP runtime files.
Regards, Gerrit
If you have a .exe all you need to run this without VFP is the VFP runtime files.
Regards, Gerrit
Dan Olsson
Programmer
I agree with Gerrit, with the addition of my suggestion to put them in the same directory as the EXE.
- Status
Similar threads
- Locked
- Question