Let’s say, after the first installation of CPF, the key is successfully generated, passed on to Comodo, verified and OK’ed - will this process have to be repeated for successive installations of CPF?, or will the end-user have access to the key and be able to merely use the same key again for a future CPF installation (as they can now with the use of their Activation Code)? E.g., the hard drive had been replaced or re-formatted and everything had to be freshly installed.
By your last answer i must understand as: CPF will use the unique motherboard (CPU, etc.) numbers to generate the key. I know that some software vendors alreay useing a per unique pc (hm, fe. even some OEM softwares) but this mightn’t be too good because of private policy problems. What i want to say (or the competitors, etc.) that you might be able to identify the computers - and so the user.
As i see, you really can’t live without an online connection. What is the main reason you wouldn’t allow offline setups?
Internal code in the SETUP.EXE generates a unique key (based on date/time of install and the download session used to download the executable), but the key is not user or PC dependant. The key is written out to a file and CPF can then do a check for a net connection. If a connection exists, send the key. If the connection does not exist, do nothing except remind the user that the installation has not yet been activated but is still fully functional. When a connection does exist, offer the user the opportunity to validate the install.
This way, Comodo can accurately track the number of times each download is installed (from the download session key and the date/time of install, resolved back to GMT to get around time differences) and the user is not inconvenienced with faulty activations.
After i read the blog (a link was at this forum somewhere /download.com or what :)/) about how interessting ideas there are to stop wireless hacks and the case with MAC address hacking, it’s an interessting question. But anyway, the MAC address IS (or should be) an unique thing.
You should create a better licensing system, where i - with my own datas - can get a x quantity of licenses! So i’d be able to install the softwares faster then 1-1 user.
we know exactly how many downloads take place from our website. We don’t know how many downloads have come from other sites, magazines etc. Majority of the downloads come from other sites and not our website.
That would work, and I wouldn’t worry but why the MAC address? Some people don’t like the thought of something physical indentifiable with them being used in authentication, and MAC addresses can be spoofed anyway.
Another unique identifier thiat is user of hardware independant is the location that the setup.exe is launched from. This could give you a third unique factor (along with date and time resolved to GMT).
Me personally, I don’t care. What MAC address would you like? LOL
But, people do get a bit leery about an authentication that includes some tangible details about something they can physically pick up and belongs to them - that it’s personally identifiable as their property.
What damage they think you can do with a list of disparate MAC addresses is beyond me - but the fear is out there.
Actually, creating a random number by the current date won’t make the users unhappy. I saw a program long time ago which generated the numbers by moveing the mouse pointer :).
MAC: it’s a simple thing, competitor can say “what if the bad guy tooks your serial number, tracks down the MAC address and he can hack into the computer with a fake MAC?” (i know that this might have around… 0,0000… 1% chance but so nice to say…). I also wouldn’t wonder if they, their fans here (i bet there are some) and some of us (users) disagree with the idea: without a good explanation.
Multiply install: Melih, actually, now as i’ve created around 30 pcs for our users, i really missed a good commandline parameter :).