robinbloke: (Default)
robinbloke ([personal profile] robinbloke) wrote2007-06-25 10:39 am
  • Add Memory
  • Share This Entry
  • Current Mood: busy
  • Current Location: Work
  • Current Music: Wham - Club Tropicana

Brain... freeze....!

Anyone know an API (preferably Win32, yes, sorry, I know) or way I can get the Processor Serial Number, I need a reliable unique number to use with the hard drive serial number for a license key system I'm writing.
Flat | Top-Level Comments Only

[identity profile] robinbloke.livejournal.com 2007-06-25 09:49 am (UTC)(link)
Hrm, didn't know that about the PSN; I was going to use the HDDSN and the PSN ideally as if I use the MAC address I can't guarantee a) how many cards (if any) the machine has, but given most systems now have an onboard card it is probably safe enough.

cheers!

[identity profile] briggsy.livejournal.com 2007-06-25 09:55 am (UTC)(link)
Also, because the MAC address can be spoofed in Windows, but only via the registry, you need to do the funkyness that is (1) read and store the registry MAC address. (2) delete the registry MAC address. (3) request the MAC address via whatever API provides that, which populates the registry with the correct hardware MAC address, and presumably provides it to you, then (4) rewrite the stored MAC address to the registry to restore the previous setting.

This isn't some innate knowledge, just saw it on a forum when verifying that the PSN was turned off.

[identity profile] robinbloke.livejournal.com 2007-06-25 10:31 am (UTC)(link)
Yeah; I know the MAC address can be spoofed, but without a lot of time and hassle (which sadly I have little of the former) it's not going to be secure, need some numbers. Hopefully the HDD will be enough, the BIOS and CPU would have been perfect but getting them seems pretty difficult and very unreliable.

The class I'm building however I'm going to give some generic seeding functions so that if I find some other useful values I can use them instead.

[identity profile] sesquipedality.livejournal.com 2007-06-25 11:26 am (UTC)(link)
I was going to say, don't write licensing yourself, buy it. Anything you have time to write will be easy to trivial to circumvent. However, I bet your company doesn't want to spend money either, does it?

[identity profile] robinbloke.livejournal.com 2007-06-25 12:19 pm (UTC)(link)
Indeed so; as far as it's concerned we are coders therefore we provide all the code. Took me long enough to convince them to buy in support for the barcode system I wanted to save us from compatibility hell.

That said it's not really going to see serious attack (as far as I can predict) and anyone who was serious enough to want to circumvent a serial number/security system would be able to break the code wide open and disable that section anyway.
Flat | Top-Level Comments Only