Enigma improvements and suggestion. - Important

Post here any topics that related to Enigma Protector, its functionality, your misunderstanding, offers to improvements etc etc etc
Post Reply
droopy
Posts: 17
Joined: Fri Aug 20, 2010 6:09 am

Enigma improvements and suggestion. - Important

Post by droopy » Fri Feb 04, 2011 1:59 pm

Hello.

Enigma is an excellent tool, but i would like to know if it has this latest protection scheme that it is used nowadays (Read Below)

I would like Enigma apart from Generating Registration keys and ONLINE check with internet to my server.
How that this work: User with valid key open the .EXE, and the software protected with Enigma connect with internet to a server address (my hosting) and looks for an activation .php or .TXT with a key number inside also. If this file appears, it continue working.

This is very important, as for instance, sometimes i send a registration key to a user, but user abuse the software or resell it without authorization and i need to immediately (Same day) stop software working. Registration uses keys for time period, but i need a solution to immediately stop software from working via a remote way.

This idea is use nowadays on Blackberry OS6 and dongles, as apart from registration key, i need to put a URL on the Enigma. For instance: http://www.xxxx.com/customerXXXX/key.txt
So i could assign a specific key for each customer and enter that URL on Enigma. Software connects ONLINE to my server and looks for this key to work.

This is double protection and gives me the possibility of stopping the software just removing the .key.txt from my server.

If someone from here know this feature in another software or Enigma Developpers could add it, please PM.

Regards, Droopy

scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Enigma improvements and suggestion. - Important

Post by scorillo7 » Fri Feb 04, 2011 2:44 pm

droopy wrote:Hello.

Enigma is an excellent tool, but i would like to know if it has this latest protection scheme that it is used nowadays (Read Below)

I would like Enigma apart from Generating Registration keys and ONLINE check with internet to my server.
How that this work: User with valid key open the .EXE, and the software protected with Enigma connect with internet to a server address (my hosting) and looks for an activation .php or .TXT with a key number inside also. If this file appears, it continue working.

This is very important, as for instance, sometimes i send a registration key to a user, but user abuse the software or resell it without authorization and i need to immediately (Same day) stop software working. Registration uses keys for time period, but i need a solution to immediately stop software from working via a remote way.

This idea is use nowadays on Blackberry OS6 and dongles, as apart from registration key, i need to put a URL on the Enigma. For instance: http://www.xxxx.com/customerXXXX/key.txt
So i could assign a specific key for each customer and enter that URL on Enigma. Software connects ONLINE to my server and looks for this key to work.

This is double protection and gives me the possibility of stopping the software just removing the .key.txt from my server.

If someone from here know this feature in another software or Enigma Developpers could add it, please PM.

Regards, Droopy

Hi dropy,enigma doesn't have that feature.
I have make it this feature for a software apart from Enigma.
It check it HWID of app and if status of this hwid is invalid will stop working.Every time when starting the software the program check the internet on and then
send some parameters to .php script
EX:
www.xxx.com/update/current.php?hwid=HWID&andsoon

the script check's the status from the database if is valid return the current number of version on the server if not then server return a code which mean is invalid program stop working until the status changes.
If the version on the server is > than the version on that computer it's update it himself.This is my aproach hope it's helpfull,remember this thing's is working for me.

In the other order make use of HWID feature of Enigma and/or put the key as stolen in the next version.The bad thing is that if they remain on the same version
this method will not working.
REMEMBER this is just a Enigma user's opinion and is pure unofficial
Your freedom stops where another man freedom begin.

Enigma
Site Admin
Posts: 2582
Joined: Wed Aug 20, 2008 2:24 pm

Re: Enigma improvements and suggestion. - Important

Post by Enigma » Fri Feb 04, 2011 3:50 pm

Hi droopy,

Yes, I agree with scorillo7 that you may mark license as stolen and re-protect application so stolen key will become invalid.

Another idea, you may make online activation service yourself. It is not so difficult I think. For example, you just make an interface in your application that will connect to your server and check the registration key and it's validity.

Do not think that Online Activation will improve protection of your software in times. Really this could be bypassed in many ways:
1. cracker may emulate server response and modify http traffic so that your application will always think that it is registered with the good key
2. cracker may just bypass routine that perform connection to server so application will work well with stolen key
3. finally, application should somewhere store activation information (in case user uses your program without internet connection), and cracker may find this information and use it endless.
Do not place a lot of attention to online activation. Online Activation is a very good service only if your application always requires internet connection. If your program works without internet connection, then Online Activation could be just a useful for user service and does not affect on protection level.

PS: few days we have completed test version of new branch of Enigma Protector that contains Online Services features (and Online Activation too). This version also contains a Web Control Panel for managing of the users, activations, orders, news, mailing, generating license codes and so on. It is written in PHP and uses MySql database. I can give these sources for free to only trusted customers.

scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Enigma improvements and suggestion. - Important

Post by scorillo7 » Fri Feb 04, 2011 4:10 pm

Enigma wrote:Hi droopy,

Yes, I agree with scorillo7 that you may mark license as stolen and re-protect application so stolen key will become invalid.

Another idea, you may make online activation service yourself. It is not so difficult I think. For example, you just make an interface in your application that will connect to your server and check the registration key and it's validity.

Do not think that Online Activation will improve protection of your software in times. Really this could be bypassed in many ways:
1. cracker may emulate server response and modify http traffic so that your application will always think that it is registered with the good key
2. cracker may just bypass routine that perform connection to server so application will work well with stolen key
3. finally, application should somewhere store activation information (in case user uses your program without internet connection), and cracker may find this information and use it endless.
Do not place a lot of attention to online activation. Online Activation is a very good service only if your application always requires internet connection. If your program works without internet connection, then Online Activation could be just a useful for user service and does not affect on protection level.

PS: few days we have completed test version of new branch of Enigma Protector that contains Online Services features (and Online Activation too). This version also contains a Web Control Panel for managing of the users, activations, orders, news, mailing, generating license codes and so on. It is written in PHP and uses MySql database. I can give these sources for free to only trusted customers.
I know it ,i know it , i feel it .I'm trusty enough for this privilege? :lol: :oops: :lol:
REMEMBER this is just a Enigma user's opinion and is pure unofficial
Your freedom stops where another man freedom begin.

Enigma
Site Admin
Posts: 2582
Joined: Wed Aug 20, 2008 2:24 pm

Re: Enigma improvements and suggestion. - Important

Post by Enigma » Fri Feb 04, 2011 4:21 pm

Yes Sorin, you are enough :) If you need this, email me!

droopy
Posts: 17
Joined: Fri Aug 20, 2010 6:09 am

Re: Enigma improvements and suggestion. - Important

Post by droopy » Fri Feb 04, 2011 5:59 pm

Thanks Enigma for the response.

@scorillo7. Excellent that was i was looking for. I need a way to Disable software IMMEDIATELY by online check.

@enigma: Using stolen keys in next version is not so good, as many people do not upgrade and use same version. My software do not update very often. So, stolen keys are only for specific software that is often updated.

Emulation of server is done by crackers. BUT i mean a multiple protection Registration Key + server. What i need is a way to STOP software from working via a remote way. Usually software is protected with Enigma Constant Values, so it is not so easy to crack.

I know online protection is not so well, but usually customers are not talent crackers and i need a way to stop a user if they abuse or resell software.

Hope Enigma you could share this online activation for Free. As an addon to software.

Droopy

Enigma
Site Admin
Posts: 2582
Joined: Wed Aug 20, 2008 2:24 pm

Re: Enigma improvements and suggestion. - Important

Post by Enigma » Wed Feb 09, 2011 8:21 am

We have found a way to prevent server emulation for online activation. Hope this idea will be made soon.

Surely, SSL could help, but not all the servers support SSL.

We will release own secure online connection engine inside Enigma, all the data will be encrypted with asymmetrical algorithms like RSA and will be based on a "random per session" keys. So we will try to avoid server emulation and make online activation more secure.
droopy wrote:Hope Enigma you could share this online activation for Free. As an addon to software.
Yep, no, this solution will not be free, because there were made a lot of work to make this and online service will need high activity of support team...

Post Reply