Software Protection (hardware based or software based)

[cjsio]

Hi, to all software developers. I don't know if you guys protects your developed software for protecting it against piracy.

Which software protections you all prefer? Software based or Hardware based (most probably Dongle)?

Is it software based is not as secure as hardware based?

Hardware based software protection will need extra costing too.

Hope to get some suggestions from you all.

[JoeFrat]

Hi, to all software developers. I don't know if you guys protects your developed software for protecting it against piracy.

Which software protections you all prefer? Software based or Hardware based (most probably Dongle)?

Is it software based is not as secure as hardware based?

Hardware based software protection will need extra costing too.

Hope to get some suggestions from you all.

any security Method Be it Hardware or software is vulnerable To Cracking unless Software protection Itself is really strong.

[X-Ray]

Hi,

Very Nice Question, I will prefer Software Dongle security option as it is less-used alternative for software protection, so there will be more chances to secure software until more users are aware of it.

[sergioKomic]

Usage of specially coated key diskettes and CD's, passwords and registration numbers

Implementation of these protection methods does not require heavy financial investments, however they cannot guarantee high reliability against attacks. Therefore, this kind of protection is recommended only for cheap software. What matters for this software is achieving popularity and wide circulation (sometimes due to pirated copies). Usage of a more powerful and expensive protection system would be pointless in this case.

Dependence on the Unique Computer Features

This protection method is much more resistant to attacks than the above and its implementation requires little investment. However, due to the specifics of realization of this protection mechanism, it is the least convenient method for end-users and causes a lot of complaints. A program protected by this method cannot be transported on any other computer and experiences difficulties with upgrading. Usage of such a protection method makes sense when the manufacturer is sure that it will not scare away the customers.

Software-and-Hardware Protection Based on Dongles

Currently, this is the most reliable and convenient method of protecting medium to high cost off-the-shelf software. This method is very strong to attacks and does not limit the usage options for a legal software copy. Usage of this method is economically beneficial when protecting programs that cost no less than 100 USD, since even the cheapest dongles increase the cost of software by 20 to 25 USD.

Dongles are mostly used for protection of commercial software: accounting and inventory management applications, legal and corporate systems, building construction estimates, CAD systems, electronic reference systems, analytical software, ecological and medical software, etc. Development of such software require heavy investments, therefore the cost of software is high as well, and the loss from illegal distribution is considerable. In this case dongles present the optimal protection means.

Source: guardant

[Modifier]

Different software developers might have different preferences on selecting either Software based or Hardware based Software License Protection into their software applications. The common factors influence their decisions are as below:-

Total Cost of Ownership
This will include overall investment on acquire such protection method which can be the Initial cost to obtain, cost to integrate and cost per software license. Most importantly, will the choice taken provide positive return on investment.

Time to Roll-Out
Overall implementation time, will this protection affect the software roll out schedule or will the integration consume too much of our resources to accomplish it. A good protection strategy should find the right balance point among this consideration.

Security
How strong can the protection method combat against the potential threat of being pirated, usually higher value software might require higher security protection then low value mass market software.

Business Model
Whether the protection method can best suit into their overall business model of which will include product distribution, product pricing, licensing management and of course marketing activities.

[MindSpace]

Software based Software License Protection is the earliest protection method available and usually the protected application will require user to key in Serial No., License Key or Unlock Code to activate the software license. Most of the third party Software License Protection provider will provide a ready made encryption engine of which software developers can use this to encrypt their software applications as to add the protection layer onto their software applications. Usually, the protection will tie with some unique ID from the computer system such as Hard Disk ID or Network Card ID. Also due to this reason, usually if there is any hardware problem such as Hard Disk or Network Card spoilt, license re-activation will be needed. It will also means the Software Developers will need to keep track and verify the License Key reissue request from the end users, of which some end users might try to take advantage on it. As Software based Protection do not come with any additional devices, it will have to store all the licensing information into the computer system and mostly hide it inside registry.

Pro
Lower ownership cost
Most probably it is cheaper than Hardware based in long run if you purchase from third party provider with one-off purchase (without license loyalty model).
Easier to implement
Usually it comes with limited security features and thus the implementation can be easier.

Con
Lower security
As Software based can only store and hide all the protection information into the computer system, it will come with higher risk as hacker will be able to locate those security information easily and perhaps crack it.
Too dependent on computer hardware
Most Software based protections are too computer hardware dependent and thus if any computer hardware problem, reinstallation or license reactivation will be required. There are also possibilities some end users will try to take advantage of it by requesting additional license keys for additional workstations instead.

Hardware based Software License Protection is now the most popular protection method where the end user will require to plug in the valid hardware device to the computer in order to run the application. Third party provider will sell the devices which is commonly called Dongles together with software SDK for software developers to do the integration. Usually for Hardware based Software License Protection, end user will not require to key in any Serial No., License Key nor Unlock Code, just plug in the Dongle and run the application, the protection will authenticate the license through Dongle. There are many different forms of Dongles available in the market and the most advanced Dongles are now built based on Microprocessor Smart Card of which it is able to provide very maximum protection and thus make hacking almost impossible. As now, software developers are able to determine your software licenses with their Dongles thus make software distribution much easier and more secure.

Pro
Higher security
A good Dongle can provide very maximum security if software developers implement it in the right way. As Software developers not only able store the license information inside the Dongle but also able to perform many others security features onboard of which it will certainly make hacking more difficult. The lasted MCU Smart Card based Dongles will make hacking such protection like hacking our EMV Credit Cards, at least it is impossible with today hacking technology.
Better software distribution
With Dongle, software developers will be able to distribute their software as ready-pack product and thus make many different software distribution models possible.

Con
Higher cost per license
As the protected software will need to distribute together with Dongle, it will add into the software costing as well.
Compatibility issue
Some Dongle might have some compatibility problem to certain environment such as different OS, different network settings or even different firewall configuration. Choosing the proven and well-known Dongle will be able to eliminate such issue.

[cjsio]

Thanks guys for replies. I see there is alot of members here do really concern about protecting their software. Happy to see so many analysis about both hardware based and software based protection.

I do agree with Mindspace reply one the pros and cons.
Software based is too dependent to the hardware in the computer. Any hardware failure will cause a big hazard on uninstalling and installing the software. So, is there anyone around here have a solution on this matter? Any idea on making the protection more independent? or there are some other concepts that not rely on hardwares? Hope anyone of you can share..

For hardware protection, yes it might go costly when it goes licensing with dongles. From what i have research on the internet, it shows that there are few famous software dongles developers & providers, like HASP, Sentinel, KEYLOK, ROCKEY, SECUREDONGLE (this is a new brand, just found out online) and so on...

Something I found out is that dongle developers in Asia provides dongles in cheaper price compare to euro or western countries. For features and functions, I see they are competitive and who may close the deal with their clients I think should consider the factor of pricing issue where Asia provides cheaper costing.

For compatible issue for dongles with windows, most of the dongles comes with driverless function and I think it probably solves the compatible problems.

[PeterMM]

my company ever use Hasp and keylok before, now use SecureDongle... costing and support make our decision. The reason why we continue use dongle although it will have additional cost on our software(this can't denied) but we just want to make sure we sell to those corporate clear with the number of copies of software they bought, they can simply reformat the PC, we have no worry with the not genuine license key request, if the dongle defective just pay for small amount dolar for dongle replacement, it is depend on how you handling your customer.

[Schmucko]

Just as MindSpace said, a dongle is the most secure solution if implemented in the correct manner. The first thing that we learned about in my network security classes, is that security is best implemented in layers. At some companies employees have an ID card to get in the door, several passwords for different systems they have to access, and they might also have codes for cipher locks that they have to remember.

I think it's safe to say layering is the best security for your software as well. The harder you make it for a hacker or cracker to break the security of your software, the less likely it is to be pirated, stolen, hacked, cracked, or however you want to put it. One of the companies that I used to work for started implementing KEYLOK's dongles into their software and they started to have an increase in profit because of it. My last few weeks at the company I started hearing that they were even going to have a dongle that had a flash drive along with it. So, they would have been able to put the software right on the dongle and distribute it that way. I thought the concept was pretty neat.

Whether you go with a software or hardware based solution, I think the best thing to do is implement in layers. Make the crackers, hackers and theives work for it!