How do I copy-protect my Java application? [closed]

Question

I want to sell my Java application using PayPal. When a payment is received, the customer is mailed a one-time download link to my application.

My question is, how do I prevent people from sending the .jar file to their friends/uploading it on the internet?

Obviously I need some kind of check in the application which only allows it to run on one computer. And that's another problem, I don't want a customer to have limitations on one computer, they should be able to run it at home and work etc.

Maybe some kind of cd-key would do the trick? Is there any cd-key resources for Java out there? Or should i build my own algorithm? Here comes yet another problem, reverse engineering..

Please help me solve this :)

Answer 1

The most common way to handle this is: customer gives you money, you generate a unique unlock key and provide that to the customer. The key should be a valid unlock key, and it should encode identification information about the user. Customer uses that key to install on as many of their computers as they like, or is allowed by the license.

Don't worry about reverse-engineering. Your product, if it's at all popular, will be pirated - you'll find unlock keys online if you look hard enough. If you like, you can take that as a compliment - someone liked your software enough to steal it. Cold comfort, I know, but the alternative is to get in an arms race with the pirates, and you won't win that. In the end, a few percent of the population will steal software, and you can't do much about that. You can use the key's identification information, if your scheme is strong enough, to trace who released the key in the first place.

Answer 2

Actually there are a number of license management solutions that can help, but the REAL problem is that all of they can be cracked. I've personally tried the most expensive to the cheapest. Finally I rolled my own, and I check the software's pc details (mac id, etc.) against the recorded details in my server every time the software is run. Because my software is tightly tied to the Internet, it is okay, but I am sure it will be cracked one of these days.

What you probably need is to police the Internet regularly, and find where your software is being pirated, contrary to the popular belief you can actually stop them in most cases. Just serve a DMCA to the downloading website (most of them will comply), and you will be able to get your software removed in about 80% of the cases. I've done and experienced it on my software. Some people do not remove, but I've found that in the 1.5 years I've been doing this, my sales have improved.

I also use a service -- http://spotpiracy.com which helps me find these links apart from my own manual research (i have a guy dedicated to this). :)

Answer 3

Everyone has their own opinion on this subject so expect lots of different advice. Here's my take on it:

• 1. Obfuscate your code (proguard is recommended)
• 2. Offer a FREE version with full capabilities for a trial period
• 3. Use a serial number routine based on the registering users email or other unique info

Overall you will have to accept a certain amount of piracy, but if your application is worthy people will pay for it. Honest people will be honest and copy protection will not make dishonest people honest.

Answer 4

In my opinion, if you don't know exactly how you will protect your source code efficiently, then don't start trying to hash something together yourself based on hardware. It will be too easy to break, and most likely just annoy your customers.

I would sugest you have a look at how Atlassian does this. They happen to sell Java software, and apparently do quite well. http://www.atlassian.com/ Try downloading e.g. JIRA and play with an installation. This will give you a good idea of how their licensing scheme works, and what users can reasonably expect from professional software.

Answer 5

You must implement licensing capabilities.

Here is one interesting resource as a starter: http://members.chello.at/stefan-schneider/JavaLicenseKit.html

Answer 6

In my old c++ days i get in arms to front the piracy using MAC Address code protection, very nice and really no body stole my software uppone the mac address protection because i always force the OS to re-read the real mac avoiding mac overrides. That was on C++ coding having direct access to local resources.

thats not the case today, nither in java applications in which the code is located in .class files that can always being decoded back to the original source code (yes it is possible, and very easy to find tools to do so).

i think, as resume, it is impossible to protect java programs agains piracy. i find no way like the old golden c++ days :)