[erlang-questions] "Securing" code in Erlang when deployed on customer's machines

Zabrane Mickael zabrane3@REDACTED
Fri Apr 20 16:34:36 CEST 2012 

Thanks to all of you guys.
Don't hesitate if you have others advises.

Regards,
Zabrane

On Apr 20, 2012, at 4:05 AM, Jon Watte wrote:

> Heavy anti-piracy engineering never works for popular software. If someone really wants to pirate your stuff, they will.
> 
> They can clone the hard disks, and the hardware, and spin up as many virtual copies as they want.
> They can disassemble your binaries, and patch out the "branch-not-equal" you use to check any arbitrary condition.
> 
> It's OK to put in a simple "lock" which "keeps honest users honest." Ideally, this lock is no hassle -- the more complex it is, the more likely your legitimate users are to actually use the cracked version of the software, even though they paid for it.
> 
> If your system is anything more complex than, say, "every three hours, the system makes a HTTP request with some statistics to your web server, and if your web server doesn't answer OK, after three days the system will start slowing down requests" then you're probably solving the wrong problem.
> 
> The alternative is to make software that nobody wants to pirate. But that's usually not a good long-term solution.
> 
> Providing real value to your customers for being your customers is what's important, because if your customer makes more money when they pay you, than when they don't pay you, what do you think they're going to do? :-)
> 
> And, finally -- if your work is really so much "secret sauce," then why don't you host it for the customer? Let the customer send you the content, and host it on a cloud infrastructure of some sort (Amazon, Heroku, Rackable, VMWare, etc.) That way, nobody sees the software except you.
> 
> 
> Sincerely,
> 
> Jon Watte
> 
> 
> --
> "I pledge allegiance to the flag of the United States of America, and to the republic for which it stands, one nation indivisible, with liberty and justice for all."
> ~ Adopted by U.S. Congress, June 22, 1942
> 
> 
> 
> On Wed, Apr 18, 2012 at 11:08 AM, Zabrane Mickael <zabrane3@REDACTED> wrote:
> Hi guys,
> 
> We're planning to deploy our proprietary HTTP/1.1 WebServer (of course in Erlang ;-)) on a customer website
> next month.
> 
> For that, we would like to create a licensing system to ensure that it will not be deployed elsewhere.
> 
> Someone offlist told me that "QuickCheck" has a very good licensing system to protect their code
> and manage the number of allowed users. Unfortunately, I don't know how it works.
> 
> Any hints? Any code?
> 
> Regards,
> Zabrane
> 
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
> 



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20120420/a3bd3412/attachment.htm>

More information about the erlang-questions mailing list