• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Suggestion: require developers to list anti-piracy measures

Ridemonkey

Well-known member
#1
This didn't seem to fit in the suggestion forum because it's not a suggestion for the product, it's a suggestion for how XenForo handles add-ons.

I am proposing that developers who list add-ons in the official XenForo resource manager must be required to list any activation/licensing enforcement/anti-piracy measures in their RM listing. I suggest this be a required field when creating a listing.

I feel that it's important for people buying or installing an add-on to know what they're getting. If the add-on is, for instance, substantially encrypted, this might make it impossible to troubleshoot/support if the developer stops working on it. If the add-on calls home every day, this can cause site problems if there are network communication issues or if the developer takes a server down.

This is simply a way to remain transparent about what your add-on does. Developers should be compensated for the time they spend, I just want to know what I'm buying when I buy it.
 

Ridemonkey

Well-known member
#3
For now, you could review the addon and mention it uses encryption X.
Do you mean Ioncube type stuff ?
Sure, Ioncube, or anything else. Does it have a callback? How often is that callback activated? What happens if the callback fails - does it stop the plugin, or break your website, or what?

It just allows everyone to make an educated analysis of the costs/benefits, and nobody is unpleasantly surprised.
 

John L.

Well-known member
#5
When we first released Simple Forms we tried to use ioncube to encode it and it ended up being a general waste of time and money. More issues for regular people installing and eventually it all gets decoded anyway. I have no problem with other developers who utilize a licensing system (we do it too).

So what are we talking about here, custom fields (perhaps checkboxes) for:
  • License Required
  • Encoded Files
Not sure what else one could do really that wouldn't be a gigantic waste of time. Perhaps "External Site Registration Required" could be one if (in our case) you need to register via a billing system of some sort first.

Agree with @Luke Foreman that having the renewal terms as an option would be good to see.
 

Floyd R Turbo

Well-known member
#7
I am 100% for people protecting their IP, but let me ask a noobie question. Does revealing an anti-piracy measure essentially give a software pirate a road map to circumventing it?
 

Ernest L. Defoe

Well-known member
#8
I am 100% for people protecting their IP, but let me ask a noobie question. Does revealing an anti-piracy measure essentially give a software pirate a road map to circumventing it?
A desperate enough or good enough nuller can figure out the callbacks and disable them anyways. Pirates will always find a way if they want to bad enough. I agree something should be done but fighting piracy is like trying to win the lottery......chances are you're not gonna win. When one group gets brought down 5 more pop up.
 

rainmotorsports

Well-known member
#9
I am 100% for people protecting their IP, but let me ask a noobie question. Does revealing an anti-piracy measure essentially give a software pirate a road map to circumventing it?
The anti piracy measures will show up in 3 places, 2 of them will be a bit obvious. The install and uninstall callbacks are the most common places. First things to get checked if its being nulled. Callbacks in the plugin itself for continuous use might not be too obvious though.

You could go the snog route and have an external script do the installing in the first places. This changes the usual routine a bit.

Personally I don't think we should just classify this as "anti piracy" measures. Some of these users are worried about privacy which includes install callbacks reporting data. I would love to have one in my addons just sending me the board url so that I may see work in action. Users would like to know that exists if it does.
 

Ridemonkey

Well-known member
#11
I am 100% for people protecting their IP, but let me ask a noobie question. Does revealing an anti-piracy measure essentially give a software pirate a road map to circumventing it?
As said above, anti-piracy measures are/should be basically like door locks. They're there to keep reasonably honest people out.

I'm fine with implementing some kind of basic check system to ensure that I can't just download a plugin and email it to all of my friends. Anyone who really wants to steal it, though, is going to do so, almost regardless of the checks that a developer puts into the system.

I'm not asking that they cite code lines or anything, just that they state basic measures that are being taken... and yes, that provides pirates a little more information about what they have to circumvent, but it's very unlikely to foster piracy that would not have existed anyway.