Hello, My Company is thinking about releasing a standard image to be used with Parallels but we have a concern about the User being able to copy the image and bring it home to their intel macs. This would be a huge software violation and we would have no way of knowing when they did it. Does anyone know of a way that I could prevent the user from copying the file or folder and still let them have access to read and write to the file? Thanks, Tim -=-=-=-=- MBP 2.0ghz, 2gb, 80gb
Nope. If they can read it, they can copy it. Of course you could always make them sign a promise to abide by the rules, and have a splash screen that warns against taking it home. If you do everything you reasonably can to make them aware they shouldn't, you've probably kept the company out of trouble and made it the individual's problem. Your employees are (hopefully) adults, and responsible for thier actions. You aren't their mother.
You are assuming way to much from my Company... I guess we'll have to scare them with Paperwork and paper cuts! If anyone knows of a way to do this feel free to reply.. Thanks. Timmay
Well, if you really want to get nasty, build in a startup program that checks to see if it's on your local network (by IP range) and if not, silently deletes a critical Windows OS file, perhaps by opening it and writing garbage to a few blocks. This way, if they manage to crack it, the license violation is clearly their problem. Be sure to get them to acknowledge that they shouldn't take it home. Personally, I wouldn't bother beyond getting a signature on a disclosure form. Most software companies are more worried about wholesale copying rather than a few individuals taking something home and running it.
You could put the VM inside of a encrypted sparse image (.dmg). Then have the decryption done by a system keychain.
Hmmm, I don't quite see how that would help, because once the system keychain decrypts the image, it will be mounted on the host machine and the contents can be copied just as easily as if the image were unencrypted.
Maybe creating a special limited user account especially for using this image, and limiting media insertion in this account so that they cannot copy the image to another form of media?
Ah, you're right. I forgot that MacOS doesn't maintain the encryption when copied from one filesystem to another... You could, though this would probably be more effort than it's worth... remove the desktop icon for the mounted volume and deny shell access. They'd still be able to use some third party app to get to the files... but if you intend to be this strict about this, you probably have a launchable application allow list setup in OD already. Once Parallels allows real hdds to be used, the method of using an encrypted sparse image would work fine though. If they took the sparse image home, it'd be worthless. and they can't just grab random files from the windows install any easier than they could while they were running windows.
