I would like to implement a Run-time license checking mechanism that will enable or disable some parts of my LabVIEW API depending on a license status.
After reading numerous discussions here on the forum (We need a new password cracker :( , Low level VI data editor (warning: not for production use!) , I found some more hidden INI keys, Password Security in LabVIEW) I realised few things:
- reverse engineering in a LabVIEW-related field seems to be a doable task for some smart people,
- password protection on block diagrams does not protect your IP, it is more of a "read-only" or a "private property" sign,
- removing block diagrams or compiling it into an executable are the ways to go, and finally,
- there are few tools out there, that seem to have a potential to "unflatten" VI data and modify/extract its data even without block diagrams.
Back to my task. I decided to remove block diagrams. Inside my protected VI I call an external library that does the actual license checking. So the code only gets this status and returns it back to other VIs. Then the VIs do not perform their main functions, and the user gets an error.
Do you think I am safe here?
Is it possible to extract sensitive string information out of my VIs (without BD)?
Is there a way to change wiring rules/connector pane on my VIs?
Should I worry about DLL hijacking?
Does NI have some kind of a tutorial for protecting your run-time API?
How do you protect your API knowing all that? Do you sleep well?
NOTE: while typing this up i found my solution but decided to post anyway in case it may help someone else
I decided to quit beating my head off the keyboard and ask for help...I have a vi that will eventually be an .exe distributed across a variety of windows xp to windows 7 machines (32 and 64 bit). In this vi a bunch of data is saved to a .tsv file at C: i then need to open the .tsv file in excel. After some searching i found System Exec.vi. it initially seemed to be my silver bullet because if i open command line in windows and type " excel.exe c:temp.tsv" Excel is opened (and this should work across different versions of Office). BUT with system exec.vi i get an error "Error 2 occurred at System Exec.vi Command was "excel.exe c:temp.tsv" Possible reason(s): LabVIEW: Memory is full." blah blah blah...
If i replace "excel.exe" with Notepad it opens the data no problem with notepad but i need it to be in Excel. i read about using "cmd /c" and attempted to no avail
Here's where i found my issue... it is "cmd /c" NOT "cmd c" ! so i used "cmd /c c:temp.tsv" and voila it opens with the default program for .tsv (which is obscure enough that i can make Excel a default on all of the computers in the building) for some reason cmd /c excel.exe does not work to open excel. i found this odd as excel.exe entered directly in the command line will open excel regardless of which version you have installed, but i believe i can live with this.
By Ton Plomp
On Stackoverflow someone posted a question on how to recover a VI's password
To my surprise there was a thorough answer containing two methods:
Look up the stored MD5 hash in a VI file
I can understand this, and am not really concerned, this might be a valid method if you know a password is from a given list (choosing a password from a dictionary is dumb anyway).
Modify the LabVIEW executable binary to ignore the password checking.
I have not tried this on LabVIEW 2011, but if this works it basically means that passwords are just a sign that says 'Do not trespass'
Can anyone verify the LabVIEW edit function in 2011.
On a more general discussion, does this troubles you anyway?