* The Business of Software

A former community discussing the business of software, from the smallest shareware operation to Microsoft. A part of Joel on Software.

We're closed, folks!


» Business of Software FAQ
» The Business of Software Conference (held every fall, usually in Boston)
» Forum guidelines (Please read before posting!)


Andy Brice
Successful Software

Doug Nebeker ("Doug")

Jonathan Matthews
Creator of DeepTrawl, CloudTrawl, and LeapDoc

Nicholas Hebb
BreezeTree Software

Bob Walsh
host, Startup Success Podcast author of The Web Startup Success Guide and Micro-ISV: From Vision To Reality

Patrick McKenzie
Bingo Card Creator

Looking for a tool that can save private data into registry

0 down vote favorite

I provide a free edition to my application (.NET), and I have to store my data into the Windows registry in a way that users can't detect where it is stored (I have to be able to load the data as well).

I'd prefer to use a tool that can provide it. Do you know such a good tool? I've already tried two tools (Cryptolicensing and Eziriz) but I'm not satisfied with the support quality provided by the vendors.

Thank you

P.S. The data I have to store does not override any data. Users sign end-user agreement that allows me to store the data (it's a typical end-user license agreement [EULA]).
Mosh Send private email
Sunday, July 27, 2014
Are you talking about a licensing system, or simply data storage? If data storage, you could try Isolated Storage [1]. It's not tamper proof, but for 99.9% of your users it effectively is.

[1] http://msdn.microsoft.com/en-us/library/3ak841sy%28v=vs.110%29.aspx
Nicholas Hebb Send private email
Sunday, July 27, 2014
Like Nicholas, I suspect you're trying to do some licensing-esque stuff. My guess is you're trying to do "unverified trials". Meaning, you're trying to start a trial by storing data to some "secret" and "untouchable" area on the user's computer so that the user can't "reset" the trial. The "unverified" part of "unverified trials" just means that you don't want to contact a 3rd-party server to start the trial.

Did I get that right?

If so, then let me be the one to burst your bubble. Unverified trials can be reset easily with relatively limited skills. (Yes, I'm aware of all the tricks to store to places that are "hidden". Spoiler alert: they're not as hidden as you think they are. Theses tricks haven't fooled anyone since the mid-90's.)

So, then, what are your options?

1. Keep using a simple unverified trial system with full knowledge that the trials can be reset.

2. Waste time building a super-secret unverified trial system that stores to "hidden" places (but can still be reset as easily as any other unverified trial system).

3. Use "verified" trials. Namely, use the "fingerprint" of the computer, contact a server and do an "activation" that includes trial data. Here's how we implement it: http://wyday.com/limelm/help/trials/#verified

Is that helpful? If you tell us what you're trying to store we'll be able to give you more useful advice.
Wyatt O'Day Send private email
Sunday, July 27, 2014
I like Wyatt's #1 option.  So few users will bother trying to steal your software like this.  And if you write to that registry value every time the app starts, those few will have to continue to reset it.  Anyone willing to go to that much bother to avoid paying is probably not a customer you want anyway.
Doug Send private email
Monday, July 28, 2014
You can NEVER hide anything in the Registry.  All can be tracked with Process Monitor (aka "ProcMon") and/or RegShot.  It's all too easy.

Even if you think you found a good hiding place, a Registry-cleaning app like CCleaner might accidentally delete your entries, thinking they're just garbage.  If this is saved data from your users and it's now lost, consider yourself sued for releasing "faulty" software.

Better to just save the data in the Registry somewhere safe (so CCleaner will leave it alone), but encrypted, so it can't easily be found and/or modified by lay users like a prefs file in %APPDATA% can.
PSB136 Send private email
Tuesday, July 29, 2014

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
Powered by FogBugz