Protect my script

I’m working on a script for a client of me.
I know that I can protect the script code by saving it as a run-only application.
But is it possible to protect the script or part of it with a serial number?
Or build a trialperiod in it?

The issues with protecting your script are the same as those for protecting any application. There are numerous ways of doing it, with varying degrees of strength and varying degrees of ease of circumvention.

The first thing to be aware of with AppleScript applications, though, is that any string objects you store in your app are easily readable, so don’t use strings if at all possible.

For a time-based trial period, you can use something as simple as:

Although it looks like you’re storing a string, when compiled the script will store a date object which isn’t obvious from looking at the .app file.

You could use a property value to store the first run date and use that as a basis for comparison. That way the app self-expires a certain number of days after the first run, rather than on a specific date.

If using a serial number-based system, you need to generate a serial number system that uses a checksum to detect valid serial numbers, otherwise it would be easy for a user to enter any string and find a possible match. You also need to decide the limits of your licensing - is the app licensed per-machine or per-user?
If per-machine you need to encode some lock to the machine so that the user can’t use the same serial number on a different machine. If per-used you need some way of associated the username to the serial number to trace back shared serial numbers.

For example you might somehow encode the machine’s MAC address if locking the app to the machine. For example, the following script will generate an MD5 hash for the machine’s ethernet address:

do shell script " ifconfig en0 | grep ether |md5"

You can use this string to semi-uniquely identify this machine. This value can be used in numerous ways to verify the app is running on the same machine it was licensed for.

This is only scratching the surface of serialization. You need to determine how much time you want to invest in protecting your application, along with how much time you expect users to try to break it.

I agree with that, camelot. I think I will stick to the time limited version. That’ll be enough for average users. Allthough you could make a time sinc via internet and the sytemprefs controlpanel of OS X before doing the expirationdate code.
Anyway, thanks a lot. This will work for me.

btw I found a piece of code for serializing the app.
I haven’t tested it yet, but here’s the link