Hi Guys,

Just wondering if I could run some thoughts by you.

I am about to release a DLL for a target client base and obviously you get people who will distribute this amongst dodgy channels.

I have setup my site to provide download links via user accounts and each dll is serialed in some way internally. So, I'll be able to track the source of the Buccanneer (Pirate gag :) )

I am wondering, should I also add an internal 'kill switch', so the DLL communicates back to a server to see if it is 'valid'. Ie. kill the leaked DLL's?

I was thinking of doing this in an unitrusive fashion, so if the DLL is not connected to the internet then it will continue working. But if it is connected and deemed 'not valid' the DLL will fail. Obviously, I want to do this in a way that is 100% non-intrusive to the end 'legit' user.

Although this method isnt perfect, it should slow down the piracy rate. And yes, if someone really wants to they can crack the DLL.

I just dont want the 100's of hours I have put into this go down the drain (being a solo dev). I am sure you'd understand :)

I also don't want to charge alot for my work, thinking around the $10-$20 region. I could charge more, but that is not who I am. I want people to enjoy the DLL as much as I have enjoyed making it. And so far the feedback from the 'target' has been awesome.

Thanks in advance :)

Businesses invest billions of dollars every year for systems that are only effective for two or three weeks. Some require license servers, some require dongles, some require physical disks, some require license keys, all are defeated quickly. The only effective solution is to run it on your own servers.

Assuming your game is popular enough that anyone would want to steal it, your little secret will be discovered and become freely available online.

Spend your valuable development time actually developing the game.

Hmmm true. I know what you mean. Probably better to cater for the 'true users' rather than spending time, money, and effort staving off the dodgy ones.

If you really want to add anti-piracy:

Release a purposefully 'cracked' and 'buggy' version of your dll to pirate websites (high-cpu usage, frequent crashes, ect). Several versions infact, make them seem as legit as possible. You can even add a time delay to make it seem like it works perfectly at first. Having an already released 'cracked' version of you software will also deter crackers from actually cracking it too since they think its already been done and if they do crack it.. it will be just be mixed in with your version.

This should really frustrate the pirate community. Though, I'm not sure if that will result in more sales for you :P

You could embed a separate, unique 128-bit GUID in each individual DLL and assign it to each legitimate customer. Each time a user connects, transmit that GUID and make sure that no one else is current using it. If a second connection is made with the same GUID, disconnect them. This way, although you may have 10,000 pirated versions, only one can connect at a time. Whomever is distributing the software will soon learn when they can't connect...

You could embed a separate, unique 128-bit GUID in each individual DLL and assign it to each legitimate customer. Each time a user connects, transmit that GUID and make sure that no one else is current using it. If a second connection is made with the same GUID, disconnect them. This way, although you may have 10,000 pirated versions, only one can connect at a time. Whomever is distributing the software will soon learn when they can't connect...

Sounds like that, too, would be cracked, by someone who figures it out, and replaces that code with either one that brute force increments the GUID until it finds one that is accepted, or generates one from your own machine that is unlikely to collide with anyone else's.

Sounds like that, too, would be cracked, by someone who figures it out, and replaces that code with either one that brute force increments the GUID until it finds one that is accepted, or generates one from your own machine that is unlikely to collide with anyone else's.

But the server would contain a list of valid GUIDs to compare against - one for each customer. And the chances of 'guessing' a correct one would be unfeasible, there are 5.3×1036 combinations!