i have discovered a way to protect my software from a usb device. if the software will be copied to another portable device it will not run. my software will detect the serial of my usb drive and it should be the same to the serial i have put in the software. for example: the serial number of my drive is 12329039 then in my software it is recognize as 12329039 then the software will run or else it will exit. note that usb drives have a unique serial number and can be only changed once it was formatted. i have to note to my customers not to erase the software or format the usb drive. i could say that this is one of the best way to prevent your software from getting pirated. (one idea is to encrypt your serial numbers as many as you want just be sure the software can decrypt it)
here is one part of my code:
------------------
if drivetype~=2 then
Dialog.Message("ERROR", "Unauthorized copy of Application, exiting program.", MB_OK, MB_ICONSTOP);
Application.Exit(0);
end
------------------
this line of code determines if the software runs on a removable hardware/usb device if not then it will exit.
this is only one part of my security.
one more thing the software will run only at the usbdrive it was originally copied. it is already the EXE.

thanks for sharing, but user Roboblue has already wrote a very nice app does this very thing. I would suggest that you should see his thread before wasting time coding something that has already been done. ;)

its hard to explain what im trying to say i know what roboblue is saying sir but what im trying to do here is different to what they do. my application is protecting every single file that could be copied in the application including the temp folder. im trying to make a web executable file that is secured entirely even on savvy users. im trying to maximize the security of the data in the application as it could be. im trying to look all the possible weakness of the application in terms of security.

for example: i have an application made for a specific usb drive. that application will run only on that usb drive and prevent users to access the temp folder to protect the content of the application. hope it is now clear.
plus im trying to code it purely by use of the ams command and not getting any help from dll's or such.

I would love to see all the code. ;)

i came up to a high security type of application by putting all different ideas of ams users in one application.

here's some part of my code:
try to put these codes on the startup action of the application
---------------------------------------------------------------------------------------
local sfx = Table.Count(_CommandLineArgs);
for n,v in _CommandLineArgs do
if (n == sfx) then
strSFXmid = String.Mid(_CommandLineArgs[n], 11, -1);
strSFXApPath = String.SplitPath(strSFXmid).Drive;
end
end
(get the original path the software run. example e:, f:, g: )
------------------------------------------------------
drivetype = Drive.GetType(strSFXApPath);
if drivetype~=2 then --check if the application runs on the usb drive if not then error message.
Dialog.Message("ERROR", "Unauthorized copy of Application, exiting program.", MB_OK, MB_ICONSTOP);
Application.Exit(0);
else
expected_pass=2786886402;--sample serial number of my drive
serialnumb= Drive.GetInformation(strSFXApPath.."\\");
inform= serialnumb.SerialNumber;--check serial number of drive
if (inform~=expected_pass) then
Dialog.Message("ERROR", "Unauthorized copy of Application, exiting program.", MB_OK, MB_ICONSTOP);
Application.Exit(0);
else
Dialog.TimedMessage("Welcome", "welcome to (your company)", 2000, MB_ICONINFORMATION);
end
end
---------------------------------------------------
each software has its own built in unique serial number that came from the usb drive. if the usb drive is formatted then the serial of drive would change and the software will not run anymore.
-----------------------------------------------------------------------------------------------------------------------------------
-- Get the titles and window handles of all open windows.
windows = Window.EnumerateTitles();

-- A variable containing text in the title you want to search for.
window_name = "Temp";


-- Loop through the table of windows.
for handle, title in windows do

-- Check if the window title has the target text.
result = String.Find(title, window_name, 1, false);

-- if the string was found in the title, send the window a close message.
if (result ~= -1) then
Window.Close(handle, CLOSEWND_SENDMESSAGE);
end
end
(this part closes the temp folder in order to protect the source file from being copied since when running an application it create a temporary copy of the source in the temp folder)
---------------------------------------------------------------------------------------------------------------------------
i also put a code that when the software is running then the usb drive is unsafely removed the application will close.
i don't know if i have covered all the weakness of the application in terms of security


credits goes to those i learned these commands. i am trying to put all ideas in one application to have a well secured application.

Nice job macko!

this part closes the temp folder in order to protect the source file from being copied since when running an application it create a temporary copy of the source in the temp folder

This doesn't make sense to me as I understand how AMS works.

If you publish a project as an exe, then at runtime it is 'unpacked' to the system temp folder and runs in part from there. No "Temp" folder window is opened it's just that files are accessed from there. This doesn't happen if you don't publish to a standalone exe but then of course your project folder structure is available to browse.

Open a Windows Explorer run your exe and then alt/tab (if necessary) back to the Windows Explorer window. You have access to the project files while the app is running.

Or is this just another occasion on which I've totally misunderstood what's been said ? :D

this should be publish as a web executable and you must enable the encrypt data feature. you cannot read the data in a web executable if it is encrypted you need to know its password before you can unpacked the files inside the executable and the only way to see the data inside the application is by going to the temp folder.

(this part closes the temp folder in order to protect the source file from being copied since when running an application it create a temporary copy of the source in the temp folder)-- what i failed to mention is that the code about closing the temp folder should be written in the page timer event so that the application will always determine whether sum1 is trying to access the temp folder. thats why when sum1 tries to access the temp folder while the application is running it will be closed.

Ooops.... - yes for some reason I was thinking about protecting content which this is not about but rather you are ensuring that the executable is running from a specific USB stick.

Could be something to do with the fact that content represents 90%+ of the work that I usually put into a project so I read this and put my own meaning onto it.

I'd not use the AMS Web Executable. Instead I'd build it to a folder, but AT1 Creator by MZ and use that, sine it doesn't extract the files, it loads them from memory (AFAIK), which is kinda hard to crack.

(this part closes the temp folder in order to protect the source file from being copied since when running an application it create a temporary copy of the source in the temp folder)-- what i failed to mention is that the code about closing the temp folder should be written in the page timer event so that the application will always determine whether sum1 is trying to access the temp folder. thats why when sum1 tries to access the temp folder while the application is running it will be closed.

Yes but what if user is using Total Commander?
Or copies the folder structure using command line?
Or terminates the autoplay.exe process using Task Manager?
This timer thing is trivial...

my application will always ask the user if he/she wants to close the app whether by using the task manager or not. and never forget to put page.stoptimer on the shutdown event or on page close event if ur app has a page timer so exiting the app means terminating the timer. the serial is embedded inside the exe so how would they know what is the serial inside? even if they figure out the serial how could they change it since the application is compiled right? dont protect the exe only focus what the exe has: the structure and the data that's my target.

and yes i'm trying to run a software limited to a single usb only. another usb means new serial number compiled inside the app.

please try also read about U3 flash drive devices hope it may help those who want to massive produce their app/software/or whatever it is through usb flash drive.

well guys if u want to test ur app pass me a exe and i'll send u contents of that file. ;)
i m not very genius person but i know computing.

my application will always ask the user if he/she wants to close the app whether by using the task manager or not.

It won't, if user goes to processes and terminate autorun.exe process (or whatever name you've chosen). It will die instantly.

Unless you find out how to reject APP_TERMINATE commands (like modern firewalls do) or even hide the process.

even if you terminate the autorun.exe your app my not ask you but STILL your files in the temp folder will also terminate.

Yeah, the extractor deletes them when it doesn't no longer see autorun.exe. How about terminating the extractor, then the app. That way you can easily grab the files, unless they're in the Audio folder, where they're packed into the .dat files, which might be zip files.

how did you know about those things? thats what i need. i really want to protect my files from any intrusion. or prevent it from getting deleted that is why i want to try the u3 flash drive devices to put password protection hehe:D

Because I tried it myself. There's no way to protect any piece of software from stealing. Any experienced hacker can grab the LUA code from the memory. Not to talk about crackers who seem to beat any kind of protection.

Any experienced hacker can grab the LUA code from the memory. Not to talk about crackers who seem to beat any kind of protection.

Just look at the way Paradox cracked Vista... how far they've gone... they've made something like an artificial bios driver, so that Vista thinks it's running on OEM machine, therefore it doesn't require activation, but is instantly activated instead.

While in the case of Vista a much more amount of dedication was implied due to it's popularity and some kind of a contest who will do it sooner, in your case macko you can feel safer since your application will not draw so much attention. Nevertheless, you must realize that there are really funny ways to copy out your data. I already mentioned, I can simply use Total Commander or Command Prompt to copy out any data your application tries to hide.

may be i should switch in buy and sell rather than creating software since my effort will just go to waste heheh:D

my answer wasn't that u some one shouldn't do some effort try ur best at least its not easy for a normal person to copy contents.

i looked at a few options relating to this, and as the guys have already hinted at, there is no one all round solution.

If you are looking to protect script files or other documents then i would look to use blowfish to encrypt the packed files and then decrypt to memory on the fly deleting any temp files created, as pointed out a determined hacker could still fish the info out of memory, but it just makes it a little harder, but you dont have to try and hide the file as without the decrypt key they are screwed

As for protecting content, i again would look to 3rd party encryption, instead of trying to encrypt the AMS structure and content, try putting your content into encrypted rar files that are unpacked to the AMS temp folder intact, and have the user enter a password when your AMS project opens and before it tries to access the content in the RAR files, RAR encryption is among the best in the world of archiving, and the command line tools for unpacking are free,relying on the encrypted zip archive within the AMS structure would be careless

may be i should switch in buy and sell rather than creating software since my effort will just go to waste heheh:D

Nobody said that. We are here to help you, and to guide you when you are not sure about something.

my answer wasn't that u some one shouldn't do some effort try ur best at least its not easy for a normal person to copy contents.

I don't agree with that. Terminating the extractor, then the autorun.exe and grabbing the files from the temp folder is perfectly doable by a normal person.

Keep your chin up macko! Sure, everything is hackable, but at least we can make it challenging for them!

The best thing to do it to check for the extractor if it's running and if it was terminated, simply delete all the important files and shut the application. Or you can use AT1 Creator, as it seems to me it's extracting the applications directly into memory, not on hard-drive.

thanks guys

AI1 Creator doesn't extract the files into memory, it extracts them to the temp folder and auto deletes them files after the main files executation has ended. Also, the files are not packed into a zip files and you can request for a password and if the password is incorrect, no files are extracted.

AI1 Creator is now freeware and you can get it from here if you wish: www.mz-soft.info/ai1 creator.php

Ouch, then it won't do much good than AMS's one. And change your **** font on the forums, it seemed to me to be aT1 instead of aI1 :huh

what could be the best way to protect our files? any suggestions?

Sorry ---- off topic slightly.
I use good little program called process guard protect processes from being bumped off by other processes- namely my g15 keyboard software being killed by gameguard.
One of the processes i have protected is explorer.exe so, nothing can close it down.
A better way for you to protect you content maybe publish to a folder on usb and encrypt all the file there and have the autoplay decrypt on the fly.
I played with all this stuff when roboblue first did his and couldn't find a really good way to get 100% content protection from a really knowledgable person.
best of luck
Gabby

i'm looking into this again to see if i can protect things inside the temp folder, i have a small app that can be used to encrypt files (even exe's) before putting them into the AMS project folder, then when they are unpacked to the temp folder they are still useless until they are deployed, then i can transfer them and decrypt in situ, this is about as good as i can get, but have to be aware of decrypt times, it's ony a second or 2 for a 2mb file, but still could cause timing issues in some projects.

there is one thing to remember, if you project installs files to the users pc, then they are un protectable after deployment !