One Time Installation

I need make a setup which work for only once second time it should not work.
please do help me
advance thanks

In the Begin-Event, look for the Product key in the registry. If it's already there, abort the installation, but only if !MAINTENANCE. (Otherwise the app would be uninstallable)

Thanks for your immediate response...

You are saying that check for product key in registry, but my query is, if i install my product in once in any system...it should not allow it to install in the same system and also in any other system

that means my setup file should work only for the first time...later on it should not work...

thanx inadvance
SalikAhmed
(RegencyInfotech)

(Edited by salikahmed at 4:53 am on Nov. 9, 2001)

You could make it to where a command line option tells the maint mode to uninstall otherwise msg and exit.  Meaning, at the end of your install, rewrite the uninstall string to something like DISK1TARGET^"SETUP.EXE" /U.  There is an IS option to uninstall without reading the script and you might want to use it or someother param.  For your own param, you could do something like if (CMDLINE % "/MYUINSTALL") then let the script uninstall; otherwise tell the user it is already installed and exit.

Thanks lasenbby for ur cooperation....
but ur not getting my problem...my problem is.....

i've created a "setup.exe" and give it to my customer in a CD...he can make use of that CD only for a single time....bcoz i want my product to be installed only once....after that it should not work...

For example...

my customer runs "setup.exe"  in some x1 system...after sometime if he wants to install in some other system or the same system...."setup.exe" should not work.

that means my "setup.exe" should work only for a single time...so we should restrict him for single time installation in the coding itself...

so please give me an idea of how to develop this...if ur having any sample code....please do send it to me....

MY ID :-  s_salikahmed@rediffmail.com
Thanks in Advance

Gotcha.  But I don't have an answer for that.  

I don't believe it is possible, since you are giving the user a setup program on a CD, you can't write to the CD some sort of code disabling the setup.

If the user wishes to use it on another computer, there is nothing you can do about it.

Phil

what you can do is have a database connectivity on runtime.(the database has to be on server) so when the set runs then at that time connect to the database and then change the flag status from 0 to 1.So next time if the installation is done on any computer it will first check the flag status and if it is 0 then and then only let setup process else abort it.
Now so far as IS is concerned i haven't ever connected it with database.So i don't have any ideas whether database connectivity is working or not,but we had done this from visual Foxpro for checking the key on server that was created on the client side.

It could be done using an Extension that upon returning 0 would exit the program..  This solution however requires the computers to be linked, and they might not necessarily.  If it is two standalone computers, the problem persists.

Phil

Modyfying a CD-ROM after its write session has been disabled is impossible programmatically.

You would have to use a one click installation, and download the files through an SSL server into a 3des encrypted memory segment that would decrypt itself using a session key that would be generated on the fly from the server that would match the ssl session as well as the 3des file. Each of the programs binaries would have to have matching tweaks so that they could not be copied to another machine... I expect MS itself to use this in the next rendition of hardware binding techniques. This way you have complete control over who and what logs onto your server requesting the file, as well as complete control of your binaries, since each binary is different each time it is generated and bound from machine to machine you couldn't even copy one file from an identical partition on a multi-os system... The server even has the power to disable the program during an update. Ironcailly these are techinques used in polymorphic self-encrypting viruses... funny that.

Good Luck... everything else can be hacked, and remember that security is just meant to slow the attacker, not stop them. By making it not worth their time, they will follow the path of least resistance and pirate an inferior product. :)
Kudos...
-=OC

MAINTENANCE MODE is triggered by the

PROGRAMFILES\Installshield Installation Information\<GUID>\setup.ilg
1.rename the real setup.exe to setup.bin
1.make another exe that renames setup.ilg to setup1.ilg
and launches setup.bin via CreateProcess.
3.modifiy the uninstallation string in a way to rename back setup1.ilg to setup.ilg
this way you'll never have MAINTENANCE.

Limitation
after more than one installations , the uninstallation may not function well

This solution however does not solve the problem of a user taking the package and installing it on another system.

An easier way to take care of it on a single system is a registry key that is checked by the package upon running the setup.

Phil

Accompany the cd with a license floppy.  Make the floppy writable and have a hidden file along with someother files that are not (decoys).  On the install, reset the attributes for the hidden file and delete it.  Then anytime after that when the hidden file is not found, block thier install.  Be sure to do something so that they can't just copy the reg entries and files onto another machine; maybe use a clsid entry or something hard to find that does not mention your product or your dlls but that the application checks to see if it was a valid install.

Remember the previous note about detering...there is no fool-proof method.

lasenbby is referring to the method of  "security through obscurity". Meaning if you obscure your product enough with non-orthodox "weirdness" this will imply security. Until of course a 14 year old boy somewhere in Germany figures it out and lets the world know through the usenet, and may even make a handy little tool for script kiddies worldwide... Unfortunately major corporations (some that are initialed MS have relied on this type of security... and well you have seen the results....) I would mention the DMCA... but that is a whole other tangent in itself, that is security through law... The law states that it is secure, and therefore it is and will not be tested without penalty....
... And now for something completely different..
-=OC

Some kanji font manufacturers do what lasenbby is talking about. They use an encryption file will be destroyed after a certain amount of uses. When the font download program goes to this floppy drive and can't find the encryption file it fails..

Anyone with half a brain will make a backup before they use something they just paid a lot of money for, if the disk has been altered to make it difficult to copy, there are tools that can copy the data byte for byte with the errors etc... so the encryption file can be copied, and eventually cracked, and eventually the call to check for the encryption file or dongle can be completely circumvented completely... it only takes a few days and a few mountain dews to figure out before one copy is made into millions and posted on the net... again that is security through obscurity, and that technique always fails. As long as everyone knows they aren't fooling themselves that is good. Otherwise relying completely one some obscure hack will eventually give way, and if it was a cornerstone, whatever else that is on top of it will crumble as well. This has been proven with several design flaws... You can look back at the TestDrive module for ID software, and how millions were lost because of a design flaw that was circumvented within a matter of hours of its release.

Of course if one is creating an unpopular software then no one with the skills would bother wasting their time, this would be the exception to the rule of StO preventing piracy... it is like an open door somewhere out in the desert... sure you can just walk in, but who wants to?

If you use a seperate licensing scheme .dll, you can tie the serial number to the customer's IP address or machine name, so only a machine with that address will be able to install the software.

I remember originally reading this topic way back when I was just starting IS, but I guess it's not dead yet.

In any case, the network interface card's MAC address would be a much more unique item to make use of, but if the user swapped cards that would of course break the software.

That's kind of along the lines of how MS Product Activation works, but they make use of like 7 different pieces of hardware and after three are changed one needs to re-activate.  But I digress, later.

Well, after a lot of time, I finally read this thread.
Strange problem, anyway.

My 2cents for this are:
- sending someone to install the program
- using a password that is only usable on a specific day (password check uses date)
- using very thin cds (they are possibly to be used for listening only once or twice to test audio cds) that will become unreadable after contact with air/oxygen for some time.