*finally checks this thread again*
the opensource element matters because:
Its a VoIP client/phone dialer that logs phone call info and sends the data back to the server.
If its opensource, you could simply (and easily) remove phone dialing elements and replace them with dummy functions; and compiling your own client. This client then can make a 'phonecall' which doesn't actually do any dialing (therefore costs nothing) but still can look 100% authentic in claiming that it just earnt 20 minutes credit.
But no matter, after some thought I've come up with a REASONABLE solution - make the RMI calls between client and server include a request for certain bytes @ random from teh .exe
Kinda like the old games which said 'line 7 page 22 of manual, 57th character'
That way at least, if the source code is recompiled as outlined above the server has a chance of detecting an imposter, as the server would keep a copy of the .exe on hand too to verify against.
then tehre would be no need for encrypting the information
its still possible to fake, requiring another copy of the program and changing all the references from 'this .exe' to 'that .exe', but its better than nothing i suppose *sihg*.
