newbie questions

1. I am writing an app in C#. Should I use the Turboactivate dll or the exe ? the exe is much much easier to use butI am wondering is there is a drawback

Well, you'll be using TurboActivate.dll in your app no matter what (at the very least to check if the user is activated, is genuine). You can use the TurboActivate wizard (the exe file) if you want. It certainly simplifies things. And you don't have to recreate the wheel.

2. Why should I call the IsGenuine function anyway? Since the product is activated why do I have to hassle the user? or is that in case that the user somehow bypassed activation and I can get him by calling this function ?

If you want to use the ability to remotely deactivate users and revoke product keys (from within your LimeLM account) then yes you need to call IsGenuine(). We recommend calling it every 90 days. We're making this easier in TurboActivate 3.3.

3. Should I in my app's EULA include a clause related to Turboactivate?

Well, you don't have to. And if you do it doesn't have to be specific to TurboActivate, just how you're licensing your app. Consult your lawyer.

4.Should I also obfuscate my app for extra protection?

No. Obfuscation is a waste of time and money. All obfuscation can be undone by a single click by any one of dozens of tools.

I am afraid that if I don't then it would be trivial to find where the protection is, hence patch my app and bypass any protection!

All apps can be cracked. There's nothing you can do about that. It's just the nature of computers. But stopping cracking isn't the point of licensing. The main point of licensing is to prevent "casual piracy" -- that is, key sharing. We go into this in-depth here: What is hardware-locked licensing and why choose LimeLM?

about the obfuscation part, I meant that because of the nature of the .NET applications that someone can easily disassemble it and get to the IL and then to the source,so he can easily find where I make the calls to Turboactivate and just change that part of the code for example always return true I though that by obfuscating/hiding the code this would be more difficult to do.I don't know if that makes any sense

I don't know if that makes any sense

Yes, I understand what you're saying. But obfuscation does nothing. That is, lots of companies sell obfuscation products. And these companies *claim* it can "protect" your code. But none of these products can actually protect your code.

Obfuscation is absolutely worthless. Everything these obfuscators do can be undone with the click of a mouse and any one of dozens of freely available tools. de4dot is a good free tool to undo almost every single obfuscation product on the market.

Unfortunately companies lie to unsuspecting customers by selling them this junk. Please don't fall for these lies.

I meant that because of the nature of the .NET applications that someone can easily disassemble it and get to the IL and then to the source,so he can easily find where I make the calls to Turboactivate and just change that part of the code for example always return true

You're describing cracking. Customers don't crack and crackers don't buy. Don't focus on crackers. You can't stop crackers.

You can only increase revenue by preventing casual piracy (key sharing) -- that's what LimeLM does.

that should be the most honest reply I will ever get and that's what makes you guys stand outOne final question.why would I want to revoke a key ? is that something to do with recurring payments?

why would I want to revoke a key ? is that something to do with recurring payments?

Well, that's one use of revocation. Our customers use revoking product keys for many purposes. For instance if you accept purchase orders then you deliver the product keys before the customer pays. But what if the customer refuses to pay (or is inordinately slow about it)? Well, then revoking the product key is the best option. This way if the customer eventually does pay you can just un-revoke the product key (as compared to deleting product keys, where you'd have to issue new keys and go through a large customer's bureaucratic process again).

There are many other uses for revoking keys. Just think of it as deleting product keys temporarily.