Gossamer Forum
Home : General : Perl Programming :


Quote Reply
i THINK i HAVE A IDEA FOR SOME ARTIFICIAL iNTELIGENCE you can use to protect yourself from people stealing/illegal scripts.

Here is what I recommend:

1 Install some code that automatically email you whenever a user changes the password from the default to a new one.

2 install some code in nother part of the script (different file) that checks license #. For example, UBB gives everyone a User Licence # when they purchase the product. Have the scripts CHECK FOR LICENCE AGAINST A DATABASE and if more than ONE website use the same license # have the DB email you immediately.

Then you go to the two websites and see which user is using the illegal script.
You already know who the license belongs to since you get the info when they purchase it.

3 Have EVERY script check to see if the code and license # exists in all files (cgi/pl) the FIRST time the Script is installed, and have the script email you every time a NEW script is installed for the first time.

4 Have the Check Verssion # script (as UBB Verssion Check works) also email you if someone initialized the verssion check from an illegal installation.

5 Have your FORUMS script automatically assign a USER Name and PASSWORD for every user that purchases the script, for your support forum and automatically email the customer letting them know that he/she has been assigned a USER account in the support forum and and give the user her/his name and password.

If you use the above, then you can leave the forums open to the public if you are using UBB. but set permissions so ONLY people with USER Names and PASSWORDS that match the customer database CAN POST.

Everyone else can only read.
Also, disable the "display users email" option so nobody can post that is not a registered Customer...

If the above sounds good, let me know and delete this post/edit it so others will not know what you are doing as far as security.

This may not be 100% proof, but it is better than nothing....don't you think?

Hope this helps.


Quote Reply
With PERL, nothing is 100% foolproof at all. While these ideas are really excellent, any programmer with a couple days of a PERL tutorial under their belt could simply edit all these measures out of a file.

The only way to make this fool proof would be to include a library that is required for operation that is pre-compiled for the user's system (usually in C or C++). Not-just a key, but a functional part of the program that would be required for its use. Most novice PERL programmers don't bother with such precautions, and if you're programming in C++, you may not want to do your programs in PERL.

Fred Hirsch
Web Consultant & Programmer
Quote Reply
[[[The following are my OPINIONS ONLY derived from my wisdom or lack thereof, so keep your trashing to yourself. If you don't like my posts, don't read them. I respect everyone's opinions even if I may disagree, please return the favor]]]


Yes, nothing is full proof, but I think I need to clarify something here:

1 If someone knows enough Perl to take out the security features he/she would most likely not be the one to steal the script.

If such a person was to steal it, he/she would modify it to look and feel like a different script.

2 Most people might know how to install a script, but not necessarely understand the code etc.

5 The kind of people that would steal a good and awsome script are lazy and uneducated and the chances of them knowing how to take out the security feature is unlikely.

6 Sooner or later this would be discovered and reported.

7 Without any security features ANY SCRIPT IS IN A OPEN SEASON FOR THEFT.

I forgot to mention that there should also be another small piece of code that would email/write-to-a-remote DB the ISP adress of every script the first time the scrip is initialized.

9 If a script is well written, but the NOTES are not included in the files but reather kept by the programmer, then EVEN THE BETTER PRO. PROGRAMMERS WOULD HAVE A VERY HARD TIME FIGURING OUT WHAT THE CODE MEANS. This is true to an extent only however.

Perhaps I shpuld also mention that I have bought a Book that teaches PERL FOR NT IN 21 DAYS, and I have been studying it, so I am not totaly oblivious to the architechture...