12/04/2006 2451 views
What's the best practice regarding package theft?

I have been deploying my applications (with embbeded serials numbers ) from a hidden share with read permission to everyone. Everything was working fine until some people started stealing packages to install at home / on other computers.

So, how do you protect your package in a medium size business?

I've read about Custom Action testing if userdomain = yourdomain. I like that idea, but it's far from being bulletproof.

I've also been told not to embed serials in the package. Does that mean that if I deploy to 1,000 PC, an admin has to go enter the serial on 1,000 PC?

Does anyone has any insight on that problem?

0 Comments   [ + ] Show comments


Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

All Answers

Tough question...
A few pointers -
Acceptable Use Policy - "if you're caught stealing software then..."
If you plan to remove licence info from your MSI's it depends on the method employed by the Software Manufacturer as to how you might still deploy silently.
A common solution to licence key information that is in plain text in the registry would be to replace the string with a Public Property (e.g. [SERIALKEY] ) and then set this at the command line in your deployment solution.
But this is not a one size fits all fix...
Good luck.
Answered 12/04/2006 by: AB
Purple Belt

A company must be able to trust the employees and if they steal or borrow without permission that would break the company policy if any and should be informed to their closest chief.

At company level deploying packages with MSI integrated or transformed serial and license info would normally be done default, so don't see why you shouldn't. It is not your call as an employee to decide how to prevent theft!
Answered 12/04/2006 by: AngelD
Red Belt

would specifying the serials in the mst, and then specifying that the msts are secure transforms work in your environment ?
Answered 12/06/2006 by: hambone
Senior Yellow Belt

I don't think the problem lies in securing the cached mst but the source of the installation including any transform with defined serialnumber property. As the user will need read permission on the source to be able to repair missing/corrupted files you will not manage to go another way.
Answered 12/06/2006 by: AngelD
Red Belt

Depends on how you are pushing the apps too, we use NS that copies the files as the ns user, remove the ntfs permissions from anyone except the user/system account pushing the files.
Answered 12/20/2006 by: lkeneston
Senior Yellow Belt

is there a way to encrypt this serials??

just asking.. ^_^
Answered 12/20/2006 by: monster
Senior Yellow Belt

Why not just remove browse rights from the share?
Answered 01/05/2007 by: twaddle
Yellow Belt