Using the system time for node locked licensing
I have node-locked licensing working, using the MAC address and system time. We're concerned that people will just edit their system date to extend a license, so I've tried getting the real date from a开发者_运维技巧n machine in the NTP pool. That works, but then obviously you can't use the product without being online, and it doesn't seem to be 100% reliable (I'm guessing the UDP packet never arrives/returns in some cases).
What's the standard approach here? Live with the changeable OS date? Run something on a web server that provides the time over TCP? I hear the BIOS date gets updated by the OS when you reboot, so perhaps there isn't any way to know for sure what the current date is without using the internet?
I know that licensing can never be completely secure, and I expect it to be cracked or torrented, but I don't want it to be as easy as changing the system date. Any ideas appreciated. Thanks
Using a hard disk drive serial number in addition to the date would be more difficult to bypass. You can also have it limited to the user login name. Other than having a hardware dongle, software licensing can always be circumvented.
Update: If that's the case, can't you just monitor the time? Create an algorithm that validates the system clock follows a logical progression (always increasing.) If the date ever suddenly get shifted back more than a specified amount of time (you have to account for some drift and internet time server corrections), you disable the program until the user restores the clock?
精彩评论