anyone knows how to fix this problem?

I have a compiled C program that this small business would like to try out. They don’t want to pay for it yet. So I’m willing to let them use it for a month. If they like it, they can negotitate on the pricing, and if they don’t want to use it, then, after 30 days, this program will stop working.

Here’s the question:

How can I make it work for a month only?

  1. If I write the code to see if the date is later than May 15, 2009, then, the C program stops. But the problem is that they can change the current date of their Linux or Solaris computer, say, back to January 1, 2009, and this program will run again. So I don’t think this method will solve the problem.

  2. Or if I put a counter into a file somewhere on the computer. Say the counter will stop after this C program runs for the 100th time. The problem with this is that if they backed up the whole hard drive, they will likely back up that counter file. If they restore that file back, the counter might be only at 1, 2, etc. So, the software will run again. I don’t think this method will solve the probem either.

Any suggestions to solve this problem? Thanks.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My advice would be to put in the date check and then just tell them they
cannot use it after that. Setting back your clock all the time just to
get an app working is often more work than it is worth. If they are
really determined and if you are sloppy they could hire somebody to un-fix
the program anyway so I’d probably just get it to them in a quick way and
move on. There is no foolproof solution to restricting software. Digital
Restrictions Management (DRM) is full of blunders for decades now with
people trying to do exactly what you’re doing but there is always a catch
in that the software or media must be available at some point and that is
the weakness. You can’t completely prevent use unless you control every
single facet of the environment, and that’s just not possible.

Anyway, timebomb it if necessary but otherwise if you make a product good
enough they’ll probably pay for it. Even if they were to hack it they
couldn’t get fixes from you unless you knew they were using it so it’s in
their best interest to work with you on it should they want to use it.

Good luck.

newbie09 wrote:
> I have a compiled C program that this small business would like to try
> out. They don’t want to pay for it yet. So I’m willing to let them use
> it for a month. If they like it, they can negotitate on the pricing,
> and if they don’t want to use it, then, after 30 days, this program will
> stop working.
>
> Here’s the question:
>
> How can I make it work for a month only?
>
> 1) If I write the code to see if the date is later than May 15, 2009,
> then, the C program stops. But the problem is that they can change the
> current date of their Linux or Solaris computer, say, back to January 1,
> 2009, and this program will run again. So I don’t think this method
> will solve the problem.
>
> 2) Or if I put a counter into a file somewhere on the computer. Say
> the counter will stop after this C program runs for the 100th time. The
> problem with this is that if they backed up the whole hard drive, they
> will likely back up that counter file. If they restore that file back,
> the counter might be only at 1, 2, etc. So, the software will run
> again. I don’t think this method will solve the probem either.
>
>
> Any suggestions to solve this problem? Thanks.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIcBAEBAgAGBQJJ5W+OAAoJEF+XTK08PnB5Q1kQALjtgw+FY804hlot0YrPojHQ
wOWxxd9YktB2AyFdfitBpnsHH/3YalsCVG9ZbCptGONmvGTnD9BQseDP0GYN/kIB
2i46OTBeUFUQCCAIDHkzF19sBJsoxwlKJfY5ZlitlRgPf/fc6H9Vbi6QOXcl+xSd
Or5BVhAjXVdFKZDh7cbGvaVyDtaxFEGo0sCLMLaYBNJzRe3GIdlur4M9Bku558Uy
Nnii8y6l+uNw+R25LU37P6vAdMtsURro+MgbdU3ND7IG2uAanwQ8Kw19YV67BSAg
smluFjrBlkstUqPONFSsH+9KRoqw2vR/LkbE3S0gpXuKt3h8rc7wAfpkJqSevcb5
WGzPGR7OxBrOXgKQQ49U4zQiykJBD77S1Wl93pOVHJwlOiAyTXQ2r7BQPrFHFDaq
F/psV3o7+0x9OhYF+54nLVLPnNaYEsOqf45HyL81CgzV3P32E/p3g2Z61bfh5RkQ
1HeLcDI3nKIQMzMTNzzNNv0PO0Qk6vR6UVTFuy8+4jDfxT9GjGTbVrExhDCxiEFg
gm2k3hRuK8jwcJdtXtuVFpefSbv5IxHrTc3bBcpwu8sO9drbu5ok57xTJrCjr3U2
GsXSaoJ0EoB0hzpbvAVRPWgCxX2zV3X3b70U5cnF4Vat2xGJyQKoWuiqu/rgJGIK
hgV17RkTmWwfFVJSv0+A
=Djb1
-----END PGP SIGNATURE-----

I suspect that no matter what you try, there is always a way to subvert it by tracing the program’s system calls. For instance, if you obtained time via the network from an external source, one could write a program to replay the network activity. If you attempt to keep information in a file, all one would have to do is restore the file each time before the program is run.

I suspect some element of trust is important. If you don’t trust the people, why do business with them?

Get the executable to append the date to its file image when it runs and to check that the dates comply with your 30 day rule and that the date has not been reset. You may need to think this through a little more and find a way of seeding the file.