I did not say that I did not get an answer just not a satisfactory one. That support agent may not have been familiar with the search patten you recommended, I was not, and I have been using the internet before Al invented it.
That search has found lots of sites just not the one(s) I would like to look at.
So far it’s looking good. Response time has been good.
I had also look at Kagi, had used them back in the prehistoric days( OS 9 ). They have not responded to question from over a week ago.[/quote]
I haven’t seen any new apps selling with Kagi, so the lack of response may be a sign.
Kagi used to provide a good service many years ago, but then they stopped to innovate and others like FastSpring exploited this Kagi shortcoming. In fact, many years ago I switched from Kagi to FastSpring exactly for the lacking of enhancements on the Kagi service.
That said, I always had a fair and precise service from Kagi, despite of the lacking of features and unwillingness to modernize the platform. Maybe now they are worse because of the pre-zombie state.
It’s some years now I don’t use FastSpring anymore (but not because I don’t like it), so take my opinion for what it worth.
I used the AquaticPrime licensing and this worked for both Mac and Windows. The Xojo code to support AquaticPrime was initially ported by me from Cocoa and then integrated with Windows support and some bug fixing from @Thomas Tempelmann
Linux I did not use it, but possibly it can can be added.
Had no problem at all with the above licensing method.
AquaticPrime seems easy enough, but one thing that prevents me from using it is that it does nothing to prevent a single user from putting the application on as many machines as they want. For the developer tools that’s not a real big concern, but for consumer apps this could be a disaster. In esellerate I could stipulate how many machines a single license could cover.
Well, implementing what you want is like opening a can of worms, I tried.
To tie a license to a machine you have to collect a hardware/software profile. This is doable but it’s a very bad experience for your users, I don’t suggest you to do this.
The most balanced way I found was to use the AutoDiscovery class from Xojo to let the machine to talk and enforce only the number of allowed licenses. This permits the user to easily use the application only on (e.g. one) machine at time (Xojo style).
Of course this method can be easily made ineffective (turning off the network, use Little Snitch, etc.) but in the end for the casual pirate still works.
In the end the trick is finding the best balance among user experience and safety.
There is a lot of literature on this and no magic solutions.
Btw, even the eSellerate way is not piracy-proof. The bad on this kind of unified solution is that if someone find the way to workaround it, the trick is valid for ANY application protected in this way. This already happened in past with eSellerate.
In my experience, the worst scenario was not the user using the same license on more than one machine, but the crackers and serial number spreading on the net. Even the for casual pirate was easier to pirate than to buy.
So, make it reasonably secure to discourage casual pirates and invest your efforts in your product instead of protections.
I did this for 10 years in eSellerate. I had few, to no problems.
I never said eSellerate was foolproof. It’s worked, though, for many years for us and clients. Now that they’ve announced they no longer support Xojo and it’s time to move on to something else. Just doing my research.
[quote=218229:@Tim Parnell]I would roll your own server side activation system.
AquaticPrime is just as easy to defeat as eSellerate. Both have pirated versions of the framework that can be dropped in to activate the target app.[/quote]
The trick is not providing it as a framework. This proven to be very insecure, though with signed apps is now harder to tamper.
The Xojo way is to embed it into the code and with some simple countermeasures, like simple negative-testing it becomes more secure.
In the end everything can be cracked, the problem is just how easy is to do it and if this worth the efforts. The eSellerate problem is just that breaking one you rule them all.
I experienced a lot in cracking and studying how the protection schemes works and one thing I learned is too many applications makes very naive use of extremely sophisticated protection schemes. I’m pretty sure a simpler technology used in the right way can provide better results of naively implementing complex approaches.
And the latter very often also provide the most inconvenience for the regular users instead.
Said that, I agree on the fact everyone wanting a remote activation system should roll his own.