Lockout program - any suggestions

yop

Guys,
I was asked by a chap to write a wee program that would sit on each pc that he wants to after 30/60 days pop up and requires an activation code, otherwise this will lockdown the pc.

I have to admit I have not done a hell of a lock of searching, but A) is there a program out there that does it already, b) is this actually possible?

The program will have to run in the background and not be available to them to allow them to kill it in Task Manager.

Any potential pointers for the program. Probably be wrote in .NET.

Thanks

MOH

Not sure that it is possible, but it sounds a bit dodgy? Can't think of any legitimate reason it would be useful?

yop

The guy sells PC's, he sells them with 30/60 days credit, don't ask me why, he just asked me to either write something or to find a program.

He wants after 30/60 days, that a program pops up so that the buyer has to input an activation code, if they don't it will not let them operate Windows.
I think he may have been caught out a few times already.

Gurgle

yop wrote: »

Any potential pointers for the program. Probably be wrote in .NET.

Pointer: Don't write it in .NET
Use a proper programming language.

hobochris

Surely the client can just wipe the entire OS and put a new one on and completely bypass this measure.


The only way to do this effectively is to modify the BOIS and that would be no simple task.

NeverSayDie

This doesn't sound like a very feasible idea in the first place, but if you really want to attempt something like that, a Windows admin/config solution would probably make more sense than a piece of custom software. Have user accounts expire or something I suppose, and don't give the user an admin account. Reinstall of the OS will solve that one of course, assuming they're so inclined.

Short of writing some kind of rootkit/BIOS fiddling, I couldn't see there being a robust software solution. Tbh, your client might get a better return by looking into legal options rather than software ones, or just finding a more feasible business model altogether.

Gurgle

hobochris wrote: »

Surely the client can just wipe the entire OS and put a new one on and completely bypass this measure.


The only way to to this effectively is to modify the BOIS and that would be no simple task.

doh!

yop

hobochris wrote: »

Surely the client can just wipe the entire OS and put a new one on and completely bypass this measure.


The only way to to this effectively is to modify the BOIS and that would be no simple task.

I told him all that but he claims that they are not savy enough to do it, thats his problem if they do.
I looked at the BIOS route alright but its a bit too messy.

AS you said the legal route is probably the best route for this guy, but I am not sure what is angle on this is.
If they sign a credit agreement then they should have to pay by the 30/60 day mark or he follows them.

The user account is one route for sure, but then if you buy a PC its yours and you should not be limited to one user I would think.

Also everyone knows someone "in computers" who would wipe that and reinstall the OS so I think he is piss*N against the wind with this.

But if they chap wants it and wants to pay for it...

.NET.... so you are linux/ JAVA head are you Gurgle

Ronan_

Does playing with the BIOS like that affect the warrenty of a machine?

yop

Ronan_ wrote: »

Does playing with the BIOS like that affect the warrenty of a machine?

Not sure Ronan, I am not going near it.

Gurgle

yop wrote: »

.NET.... so you are linux/ JAVA head are you Gurgle

Tongue in cheek comment
c / c++ would be the contents of my toolbox, 90% firmware development and the 10% windows apps is mostly hardware interfacing so its never been worth my while learning .NET

--amadeus--

Off the wall suggestion...

Could you have something that triggers after 30/60 days that resets ALL of the users passwords?

If they can't logon they can't use the machine. If they are on a network you'd need it to diconnect from that so they only have local logons.

yop

Gurgle wrote: »

Tongue in cheek comment
c / c++ would be the contents of my toolbox, 90% firmware development and the 10% windows apps is mostly hardware interfacing so its never been worth my while learning .NET

LOL I know. I wouldnt be strong enough to develop it in C++ but as a wee project it might a good start.



amadeus - Good idea that. That is a way of doing it. The user would have to bring the PC to the shop to get reset.
Still leaves it open to been wiped though.

rob22

if it's under windows you can use the net command in dos to restrict user login times to say 4:00-4:01 AM, but don't forget you'll need an admin login as well to reset this.

As others mentioned the only proper way to do this would be to password protect the bios but this can also be reset (usually by jumper on motherboard) it's also difficult to write software that will cope with different bios settings.

hobochris

Another solution for this problem could be using a gsm relay control to knock out the power to the machine completely and remotely.

Even though it might be overkill a little though.

yop

hobochris wrote: »

Another solution for this problem could be using a gsm relay control to knock out the power to the machine completely and remotely.

Even though it might be overkill a little though.

Jebus Chris your a right little Mc Gyver!!! I think it might be alright to be honest.

Ya the jumper for the BIOS I had thought of, really he is caught with this. IF he think "A" program will do the job then fair enough, but I can't buy or develop a 100% water tight solution here.

Martyr

coreboot?

ressem

There's the computrace stuff, which requires that the BIOS is modified at purchase time, and paying a subscription.

Civilian_Target

How about replacing the bootloader, so that after 60 days it demands the code at boot time?

I would be very surprised if such a thing does not exist

yop

I will mention them programs to him lads.

The bootloader sounds interesting, is that customizable?

Genghiz Cohen

hobochris wrote: »

Surely the client can just wipe the entire OS and put a new one on and completely bypass this measure.


The only way to do this effectively is to modify the BOIS and that would be no simple task.

Change the Boot Order (Set HDD first), set BIOS Password.

hobochris

Genghiz Cohen wrote: »

Change the Boot Order (Set HDD first), set BIOS Password.

then the user needs the password every time they want to use the machine.

Problem their is they shouldn't be given the password unless they've paid for the machine.

bootloader my be worth a look.

amen

this might actually be illegal.

If I purchase a stairs from a supplier and don't pay him he can't just take it back. He has to go to court to get the stairs back or his money.

It might also be illegal by installing unauthorised software on the pc.