Only using the 'Hard Disk Serial Number' lock

Post here any topics that related to Enigma Protector, its functionality, your misunderstanding, offers to improvements etc etc etc
Post Reply
speedyorange
Posts: 42
Joined: Mon Dec 19, 2011 3:47 pm
Contact:

Only using the 'Hard Disk Serial Number' lock

Post by speedyorange »

Your manual recommends using just the 'Hard Disk Serial Number' hardware lock and it also recommends using at least 1 for 'allow changes'. If I did that doesn't that mean that the registration key would still work after they put a new hard drive in their computer? That makes me suspicious that such a registration key would work with any computer because it is only locked to the hard drive and it allows 1 change! That couldn't be true is it?
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: Only using the 'Hard Disk Serial Number' lock

Post by Enigma »

This could not be true just because "allow changes" becomes to work only after first successful registration. Protection has to be sure that initially it was registered with the registration key which hardware id exactly match the PC's one.

And also, it is not recommended to use only one hardware lock feature. I advise you to merge it with "Windows Serial" and "CPU", and set "Allow Changes" to zero for them.
speedyorange
Posts: 42
Joined: Mon Dec 19, 2011 3:47 pm
Contact:

Re: Only using the 'Hard Disk Serial Number' lock

Post by speedyorange »

I would like to use the 'CPU' lock and set to zero, except that as soon as the user runs the program as an administrator it will return a different result than run as a user because the CPU info can only be retrieved when run as administrator. When run as a user the CPU lock will not return anything so it's pretty useless.

I know that this is not enigmas fault, it's part of the security model of windows, and no program can retrieve the CPU unless running as administrator. It's just frustrating that the things least likely to change on their computer, like the cpu, can't be grabbed under user mode. I know this is not an enigma problem, other protection systems I've looked at have the same problem, it's a windows security problem.

I suppose the only way I could use the CPU lock is if I required the user to run in administrative mode when installing the key and I allow 1 change on CPU so the program can still run in user mode. The program would also have to be run in administrative mode just to get the hardware id to generate a reg key. I would then have more things I could compare in your 'Compare hardware IDs' program when the user says he has had to install a new HDD and needs a new registration key.

I'm now thinking that creating a separate register.exe program is my best option because I can specify that it run as an administrator in its application manifest. That program can then be launched from the free version of my program, launched from the full version of the program, and launched by itself. Unfortunately, coordinating that with an enigma protected file that has 'run only if registered' would seem to be a problem because enigma has no option for 'launch file if unregistered' which is what I would want. You have an option like that under the 'trial' section, but not under the 'register' section.

So far I'm thinking of using:

windows serial (0 changes)
Hard Disk Serial Number (0 changes)
-I want to use these 2 below but now I have to sort out some administrative mode versus user mode irregularities!
CPU (1 changes)
BIOS (1 changes)

I guess the thing is that there is no perfect in software protection, there's just percentages. There is no perfect in completely stopping all hackers and there is no perfect in stopping some determined and talented 'social engineers' from conning you out of some extra copies of your software. Some losses around the edges have to be counted as a cost of doing business. I'm just trying to figure out my trade offs, my percentages. I want to stop as much as I can, but I don't want to cause legitimate users all kinds of extra aggravations, and I don't want to end up having to do all kinds of extra 'support' by having to keep generating extra keys for users. I'm just trying to figure out what percentage protection is worthwhile to target, and what 'wastage' around the edges I will have to accept.

I've looked at a lot of other software protection systems, and enigma is comparable to the top of the line but at a better price!
scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Only using the 'Hard Disk Serial Number' lock

Post by scorillo7 »

i tested under windows xp sp3 administrator and limited account with this options:
CPU type,motherboard,and HD serial it is no change.
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: Only using the 'Hard Disk Serial Number' lock

Post by Enigma »

Hi speedyorange,

Just to append your comments.

License hardware locked is really very complex issue, and everyone should expect compromises when using it.

For example:
- you can use CPU hardware lock with zero changes, Enigma can determine the CPU parameters under admin and limited accounts without problems. But note, user can change amount of returning CPU information in motherboard BIOS (user can limit the amount of returning information, or just disable it).
- motherboard hardware lock is useless on some Vista/Seven computers, because system does not allow to read MB information. Some protection may have an option to extract mb information, but all such tricks are just reading registry values, and so such protection is weak to damage.
- probably the Windows Serial is also one of the useful item for hardware lock for most applications. Of course, after updating of Windows this parameter may change, but you can be certain that hardware id will not be changed after upgrade of some hardware.
- HDD Serial is also useful hardware lock item, but it does not work with the RAID hard disks, for eg.

So, it is recommended to mix different Hardware Lock items, depending on type of your application.
Post Reply