Develop Reference

Does the ASHWID change if the BIOS is upgraded?

Microsoft provides a method to get an ASHWID (App Specific Hardware ID) which has many components, one of which is some kind of BIOS ID.
http://msdn.microsoft.com/en-us/library/windows/apps/jj553431.aspx
Does that BIOS ID change if the user upgrades the BIOS on their computer?
RANT:
I don't understand why Microsoft makes getting a unique ID for an OS installation so complicated for Windows Store Apps. Android is so simple, when the Android OS boots the very first time they generate a GUID (see http://developer.android.com/reference/android/provider/Settings.Secure.html#ANDROID_ID) that never changes. Why doesn't Microsoft do this?

First of all, that value changes with factory reset in Android.
Second of all, try checking out EasClientDeviceInformation.Id. It uses a combination of the MachineId (local user group SID), the UserId, and the Package Id, but doesn't give you the whole thing.
This is good because Thirdly, giving devs access to use them directly to generate things like crypto keys can lead to other apps getting your apps keys, like has happened on many iOS devices. By limiting what device id's you can use, they're making it so that you must use a system resource that is literally only accessible from inside of a given application with a given Id from inside that user's account. The Windows Store is very strongly sandboxed for exactly this reason. While it can be a pain sometimes, it makes the platform much more secure, which is a huge boon.

Where is the guideline that says you shouldn't write to the Program Files area?

Many questions on SO say "Windows developer guidelines" or "windows design guidelines" say that you shouldn't write temporary or program data to the Program Files area, but as far as I can tell none of them actually link to a piece of documentation that says as much. Searching the MSDN has yielded me no results. Windows will make the area read-only, so it can be enforced by the OS, but that doesn't mean developers didn't try to write there anyway (e.g., when porting older, XP and earlier based programs forward.)
I realize that it seems odd to ask about it this late into Windows development (since, as a commenter below pointed out, has been enforced by the OS for more than a decade), but a document that says so is sometimes necessary to satisfy people.
With that in mind, Does Microsoft have a document published stating we shouldn't write application data to the Program Files area, and if so, where is it?

From Technical requirements for the Windows 7 Client Software Logo Program:
Install to the correct folders by default
Users should have a consistent and secure experience with the default
installation location of files, while maintaining the option to
install an application to the location they choose. It is also
necessary to store application data in the correct location to allow
several people to use the same computer without corrupting or
overwriting each other's data and settings.
Windows provides specific locations in the file system to store
programs and software components, shared application data, and
application data specific to a user:
Applications should be installed to the Program Files folder by default. User data or application data must never be stored in this
location because of the security permissions configured for this
folder (emphasis added)
All application data that must be shared among users on the computer should be stored within ProgramData
All application data exclusive to a specific user and not to be shared with other users of the computer must be stored in
Users\<username>\AppData
Never write directly to the "Windows" directory and or subdirectories. Use the correct methods for installing files, such as
fonts or drivers
In “per-machine” installations, user data must be written at first run and not during the installation. This is because there is no
correct user location to store data at time of installation. Attempts
by an application to modify default association behaviors at a machine
level after installation will be unsuccessful. Instead, defaults must
be claimed on a per-user level, which prevents multiple users from
overwriting each other's defaults.
And I'm quite sure that there's similar stuff for every Windows version of the NT family going back to Windows NT 4 or even earlier.
See also this question.
Edit: the original link in this post to the Windows 7 Logo program exists no more. Here you find the current link to the Certification requirements for Windows Desktop Apps. See Section 10, Apps must install to the correct folders by default

In later versions of windows (Vista, 7 and of course server versions) access permission are restricted for "special folders" including "Program Files". Even if your program is elevated to have sufficient privileges to write to this folder it is still a bad idea.
I don't know of any guidelines that state this but there is a list of special folders and what they are meant for. The fact that there is a special folder for nearly all types of data I can image means there is no need to use the program files folder.

How to create user with access only to one given folder?

I need to make "sandbox" to run scripts and applications (PHP, Perl, exe files, Ruby, and so on). But interpreters needs to be accesible to run and only one folder can be accessible to be changed. Also it will be great to allow application to be launched with quotas on hard drive. What do I need to use in this case?
I need solution in C#

You could just setup windows Security to allow this, select the folder you wish the user to access to and set permissions on it (right click, properties, security). The problem with this approach is you need to find all other folders and revoke access to them if you don't want the user using them (ie EVERYONE and USERS access).
Alternativly have a peek at the WinJail package which does as you require. (CHROOT/JAIL implimentation for windows).

You might need to create some sort of virtual drive.
Look at this
creating virtual hard Drive
and a csharp library to play with virtual drives
http://dokan-dev.net/en/
Hope this help

You can set a filesystem filter on all file operations and control them this way, but such wide filter will slowdown operations significantly, especially if checks are done in user mode (via callbacks). You can test our CallbackFilter product, which lets you do the above in C#, but be ready for slowness.

Cross-platform File sync tool

I am developing a webapp that will be used on LAN mostly. I have different locations where I deployed this app. Some of the locations run windows and some run linux (no x-window system). I need to know if there is a software out there that could easily synchronize my files stored somehere in the cloud (the clouding service can be provided by the app developers or to use different clouds) on both linux and windows machines. My english is a bit rusty so i'm going to explain this in simple words.
I will work on my local machine. I want to upload the files somewhere on the cloud and the clients installed on the LAN servers should synchronize the files. The client must be available for linux under console (as a daemon if possible) while on windows it can be something like dropbox or ubuntu one.
Does somebody know of such an app?

Dropbox is available for Linux.
You could also investigate unison.

I think "Git" is the best solution to develop your project in different machine.
You can sync your code with easy command through this app, and it will record all the version of your code.
Just google "Git tutorial", and you will find many useful introductions.

I think there is a great tool called Syncthing should be considered after 8 years.
https://syncthing.net/
Syncthing is a continuous file synchronization program. It synchronizes files between two or more computers and replaces proprietary sync and cloud services with something open, trustworthy and decentralized. Your data is your data alone and you deserve to choose where it is stored, if it is shared with some third party and how it's transmitted over the internet.
Check the list of Syncthing's goals for more details.

Install only on one machine

There is a Windows program which is downloaded after entering a valid serial in a web page. Now, I want to limit the user to install the program only on one single PC, the one he or she installed for the first time.
I need some advice on creating a such system. Thank you.
P.S. Serial key must be entered on the web page instead of the installer.

Sounds like you need to create a downloadable activex control program that will run on the client's machine in which it will interrogate:
MAC of network adapter
Windows Version, including SP
Hard disk serial number
Processor make and CPU type
And relay the information back to the website, then generate the key, and attach the key to the download installer and permit the user to download the installer in which the key is then read in at run-time and checked against the machine that is running on.
The only thing is the ActiveX must be written in C/C++ as you cannot do it on the .NET language as that is assuming the client's machine will have the runtime installed which IMHO is a dangerous assumption.
Hope this helps,
Best regards,
Tom.

The usual solution is:
Create a hash describing the system (don't know the exact way to get it though, GIYF) & combine it with the serial, so when the user installs the program he has to enter the serial, then gets a key he has to enter on the website which splits the entered key into the serial and the system hash and checks if the system hash and serial match the stored ones and then returns another key (or an error if the serial was already used) he has to enter into the program.
Using the Mac Adress as a system key is not a good solution as it can easily be faked.

Base the serial number on some hardware configuration. If the hardware changes, then invalidate the serial number. Microsoft windows uses this type of approach during the activation of the product.
Hope this helps some.

If you write a custom installer then you could send an acknowledgement to your web server upon successful install that sends a serial # generated from the hardware, and the serial # they used to download the file.
Then if you find the same serial # but a different hardware serial, you can send a response back saying that you could not activate the software...
EDIT
Here is some info on getting hardware info (assuming a .NET environment, but you can find similar for the environment you are using).

You could try blocking the key on install and unblocking the key when they uninstall. That way they can only use the key once between each uninstall.

set up a web service and database ... they have to validate to be able to install. the problem with your model at the moment is that you are protecting or hiding your software behind the server. You want peopel to have the software even if they cant use it (usually). the serial key stage should be there to unlock the software at runtime.
Its the only model that works for computer games.
You need to poll various pieces of hardware to generate a guid, hash it against a product key and you have a reproducible yet complex and hard to forge piece of data.
http://edn.embarcadero.com/article/26040 A link to the .com interfaces to get at the guids
an alternative would be to use something like sysinfo or dxdiag and save the rseults to a file ... hash it and use that as the serial. A lot less coding involved - but a bit messier.
Store this and issue the installation key - easy to spot and manage reinstalls then.
Ie you really don't want to go 'computer says no' - its really a marketing opportinuty