Login / Register 0 items | $0.00 New @ KVR
User avatar
raysaul
KVRist
 
56 posts since 15 Jan, 2017

Postby raysaul; Sun Jul 23, 2017 2:05 pm Re: More copy protection...

Zaphod (giancarlo) wrote:
Now read again what I posted. You are basically agreeing with me. The model you are speaking about is working for very small companies (3 guys in the best case).


I always wondered who actually earns more, you (and the likes of Relab, Empirical Labs etc.) with your expensive, heavily protected stuff, or Valhalla, Sonimus or Audio Damage with their reasonably priced, basically unprotected stuff.

If we knew those numbers, then we'd have a better idea of how vaulable copy protection actually is.

I'll go to sleep now, contemplating that.
User avatar
Zaphod (giancarlo)
KVRAF
 
2395 posts since 23 Jun, 2006

Postby Zaphod (giancarlo); Sun Jul 23, 2017 2:12 pm Re: More copy protection...

Number of employees is more or less public.
Google a little bit and you'll know a bit more about company sizes (when they are decently sized)
Most of companies have a public balance, you can query it. There are no secrets.
Kylotan
KVRist
 
34 posts since 11 Apr, 2009, from Nottingham, UK

Postby Kylotan; Mon Jul 24, 2017 6:30 am Re: More copy protection...

It is not necessary to use HTTPS for non-sensitive pages. (That said, the acustica-audio one does seem to ask for an unprotected login, so that should probably be fixed...)

It is also a bit bizarre to act as if the status of someone's website should influence whether they would want to copy-protect their work. It sounds more like someone just doesn't like software developers.

Whining about people's prices is also pretty dumb. Not only are audio plugins a completely optional product, but they are one of the most diverse and competitive markets around. If you think one product is 'overpriced', then buy a cheaper one, or use freeware - there's plenty of choice!


While I'm here: another reason to favour copy-protection is that it can actually reduce support costs. For some reason, users who have no shame in taking the software for free still seem to often contact a developer for fixes and advice. Better copy protection means that fewer of these people are able to run the program and then demand free support for something they never bought.
User avatar
raysaul
KVRist
 
56 posts since 15 Jan, 2017

Postby raysaul; Mon Jul 24, 2017 11:44 am Re: More copy protection...

Kylotan wrote:It is also a bit bizarre to act as if the status of someone's website should influence whether they would want to copy-protect their work.

I never made that connection, you misread me there.

You see, irritated by my experience with Acustica's website yesterday, I noticed that it wasn't just very buggy, but also unencrypted and went to check other similar websites without checking them deeper (I just checked the frontpages, which was wrong).
When I noticed that all of them didn't have a basic https encryption implemented, I got furious because it does look like they just don't care, that's what I was saying there.
It is now clear to me, however, that most of those websites have some pages encrypted, some not, while all of them seem to have their stores protected, which is good.
However, a number of them could have the user login/accounts compromised, or at least that's what my browser is telling me here, so I do think there's room for improvement in that department.
Therefore I apologize for being a bit quick to judge there.

With all that said, I firmly stand behind everything else I said regarding copy protection, warez, developers' wrong priorities, plugin prices, misjudging customers, business strategies etc.
I rarely engage in such discussions since I have a lot of work to do, but this time I felt provoked by the sheer arrogance and inflated egos of some people here.
Throughout the years, I read countless threads and arguments on this topic and tend to now get annoyed when I see that some still insist on what are, IMO, less than elegant views and attitudes and continue to shove them down people's throats.

It's beating the dead horse, and I feel the time is ripe to evolve this weary old discourse and take it into a somewhat more courageous direction.

But include me out, I can't waste that much time on forums.
User avatar
aciddose
KVRAF
 
11810 posts since 7 Dec, 2004

Postby aciddose; Mon Jul 24, 2017 7:16 pm Re: More copy protection...

You have to take into account that not only are the developers for the website, CMS and similar possibly different developers entirely but so are the authors of the DSP, GUI and copy protection portions of a plug-in.

If you take a more positive outlook and ask the web maintainer/administrator why HTTPS isn't supported with an open mind about the issue you might get some insightful replies for your query.

If you go about things with a predetermined conclusion in mind you probably won't learn much.

For example xhip.net does not support HTTPS: why should it? It could if I invested an hour or so of my time toward it but it wouldn't actually provide much security for anyone.
Free plug-ins for Windows, MacOS and Linux. Xhip Synthesizer v8.0 and Xhip Effects Bundle v6.7.
User avatar
raysaul
KVRist
 
56 posts since 15 Jan, 2017

Postby raysaul; Tue Jul 25, 2017 1:54 am Re: More copy protection...

aciddose wrote:You have to take into account that not only are the developers for the website, CMS and similar possibly different developers entirely but so are the authors of the DSP, GUI and copy protection portions of a plug-in.

If you take a more positive outlook and ask the web maintainer/administrator why HTTPS isn't supported with an open mind about the issue you might get some insightful replies for your query.

If you go about things with a predetermined conclusion in mind you probably won't learn much.

For example xhip.net does not support HTTPS: why should it? It could if I invested an hour or so of my time toward it but it wouldn't actually provide much security for anyone.




The web security part of the discussion has been closed, both by me and the people I initially started it with (with me coming to some deeper realizations and kindly apologizing).
Still, the way I initially formed my post/question on that was civilized and open-minded, regardless of my preconceptions, if you care to go and read it properly. I started with "it seems..." which meant I was open for a counter-argument/answer, which I eventually got.
There has also been an agreement to not derail this thread any further in that direction several posts ago, so please keep that in mind.
But I will clarify just this one more thing you asked: why https? Considering what's going on around us, I very much believe there's no such thing as being overprotected/too cautious in regards to web security these days.
When someone hacks your website (regardless of how unimportant you might feel it is), you'll see what I mean. It happened to me years ago, and it wasn't a nice experience.

But putting this whole issue aside, I raised several other on-topic points, so perhaps those could be something to further reflect on.

Anyway, I'm out.
You guys feel free now to get back to discussing how to put more booby traps into your code and make plugins work slower.
User avatar
Vertion
KVRist
 
335 posts since 29 Oct, 2016

Postby Vertion; Tue Jul 25, 2017 2:36 am Re: More copy protection...

As Promised

Here is my test product, Chord Progression Generation for FLStudio 12.5 Patcher for $7 bucks on Gumroad. One demo track so far. I'll get around to putting up a video sometime. I will report my progress to all the other devs who have posted in this thread who are interested. What is interesting is that this sits on the line between software and a preset, after all, I did have to come up with the math and logic in formula controller, and I did have to create a control flow. In the simplest sense I wrote a computer program, but in the lamest sense I made a preset. It is completely reverse engineer-able upon purchase, as well as copy-able. Is it better to trust the customer that they will eventually come around and do the right thing (forgive), or cast away with copy protection in anger and fear? I will let you know my results.

https://gum.co/VIJiN

https://soundcloud.com/brite1000/brite1 ... gression-1
User avatar
Youlean
KVRist
 
152 posts since 11 May, 2016, from Serbia

Postby Youlean; Tue Jul 25, 2017 3:16 am Re: More copy protection...

Vertion wrote:As Promised

Here is my test product, Chord Progression Generation for FLStudio 12.5 Patcher for $7 bucks on Gumroad. One demo track so far. I'll get around to putting up a video sometime. I will report my progress to all the other devs who have posted in this thread who are interested. What is interesting is that this sits on the line between software and a preset, after all, I did have to come up with the math and logic in formula controller, and I did have to create a control flow. In the simplest sense I wrote a computer program, but in the lamest sense I made a preset. It is completely reverse engineer-able upon purchase, as well as copy-able. Is it better to trust the customer that they will eventually come around and do the right thing (forgive), or cast away with copy protection in anger and fear? I will let you know my results.

https://gum.co/VIJiN

https://soundcloud.com/brite1000/brite1 ... gression-1

Nice, though you should have spent more time on the GUI. You can use Control creator to create your own knobs...
User avatar
Vertion
KVRist
 
335 posts since 29 Oct, 2016

Postby Vertion; Tue Jul 25, 2017 3:34 am Re: More copy protection...

Youlean wrote:
Vertion wrote:As Promised

Here is my test product, Chord Progression Generation for FLStudio 12.5 Patcher for $7 bucks on Gumroad. One demo track so far. I'll get around to putting up a video sometime. I will report my progress to all the other devs who have posted in this thread who are interested. What is interesting is that this sits on the line between software and a preset, after all, I did have to come up with the math and logic in formula controller, and I did have to create a control flow. In the simplest sense I wrote a computer program, but in the lamest sense I made a preset. It is completely reverse engineer-able upon purchase, as well as copy-able. Is it better to trust the customer that they will eventually come around and do the right thing (forgive), or cast away with copy protection in anger and fear? I will let you know my results.

https://gum.co/VIJiN

https://soundcloud.com/brite1000/brite1 ... gression-1

Nice, though you should have spent more time on the GUI. You can use Control creator to create your own knobs...


Youlean, You are the master of FLStudio Patcher GUIs. I would love help with the polish. I am going to churn out a few more products here in the next couple days.
User avatar
Youlean
KVRist
 
152 posts since 11 May, 2016, from Serbia

Postby Youlean; Tue Jul 25, 2017 3:44 am Re: More copy protection...

Vertion wrote:Youlean, You are the master of FLStudio Patcher GUIs. I would love help with the polish. I am going to churn out a few more products here in the next couple days.

Well there is not much I can help you there. You should download latest FL RC version (http://forum.image-line.com/viewtopic.p ... 0&t=174591) and experiment yourself. There are very nice additions to Patcher in latest version.
User avatar
Zaphod (giancarlo)
KVRAF
 
2395 posts since 23 Jun, 2006

Postby Zaphod (giancarlo); Tue Jul 25, 2017 10:17 am Re: More copy protection...

raysaul wrote:
Kylotan wrote:It is also a bit bizarre to act as if the status of someone's website should influence whether they would want to copy-protect their work.

I never made that connection, you misread me there.

You see, irritated by my experience with Acustica's website yesterday, I noticed that it wasn't just very buggy, but also unencrypted and went to check other similar websites without checking them deeper (I just checked the frontpages, which was wrong).
When I noticed that all of them didn't have a basic https encryption implemented, I got furious because it does look like they just don't care, that's what I was saying there.
It is now clear to me, however, that most of those websites have some pages encrypted, some not, while all of them seem to have their stores protected, which is good.
However, a number of them could have the user login/accounts compromised, or at least that's what my browser is telling me here, so I do think there's room for improvement in that department.
Therefore I apologize for being a bit quick to judge there.

With all that said, I firmly stand behind everything else I said regarding copy protection, warez, developers' wrong priorities, plugin prices, misjudging customers, business strategies etc.
I rarely engage in such discussions since I have a lot of work to do, but this time I felt provoked by the sheer arrogance and inflated egos of some people here.
Throughout the years, I read countless threads and arguments on this topic and tend to now get annoyed when I see that some still insist on what are, IMO, less than elegant views and attitudes and continue to shove them down people's throats.

It's beating the dead horse, and I feel the time is ripe to evolve this weary old discourse and take it into a somewhat more courageous direction.

But include me out, I can't waste that much time on forums.


Thank you for the heavily off topic and derailing attempt, so I'll use it for advertising our incoming website, which will be simply awesome.
It will be full https and very good.
Meanwhile I could explain why your concerns are irrelevant.

Is user data today in danger in our website? No, because the user is addressed to https for querying personal data, PayPal takes care of them. We don't store anything. We don't know anything about credit cards numbers, because PayPal doesn't share this data with us. This is the best way for doing it.

Can an user steal licenses from other users? No because keys are created by offline batches on other servers, reconciled directly with PayPal (we process PayPal transactions only). You can hack the website and still your products will not be authorized. You cannot remove products from other users, because data is not stored there. It is on warehouse side.

Is the actual website strangely coded? No, it is a standard joomla container, very common when it was released (9 years ago).

Is https really secure? No. Basically you could attack an https server using other vulnerabilities like old openssh backdoor, or sql injection, if any, and steal all customer data. This is what happens daily. For this exact reason we don't care about https, and we delegate the whole task to a bank (paypal). They care about frauds. I would be very worried if a website would store REALLY credit cards numbers, I hope you are not doing that. THAT is dangerous.
Other example: you use https and you are using a Windows server without patches, that's a problem! Everybody can enter there! Maybe you store really sensible data there! Other problem!

Does it matter with the topic? No, but it was a good way for advertising our incoming new website


Is really protection more relevant then https for customer care? I would say yes. With https you are just trying to fix something which doesn't need it - unless you care about the association of your fake name and the products you own (this is the maximum damage you could do today hacking the website) - while protections ARE relevant for customer investment, because products keep their value in a better way and they can resell them easily (I don't have to explain the reason why! It is obvious!)


Are you annoying me? No! I'm thankful because I can advertise my work in a better way. Yes the new website will be awesome, did I say that already?

I hope you continue in this route, maybe on my next post I'll tell you what we are using for the new website, or which products will be released! Yeeeees pleease do it
User avatar
raysaul
KVRist
 
56 posts since 15 Jan, 2017

Postby raysaul; Tue Jul 25, 2017 11:25 am Re: More copy protection...

Zaphod (giancarlo) wrote: Thank you for the heavily off topic and derailing attempt, so I'll use it for advertising our incoming website, which will be simply awesome.
It will be full https and very good.
Meanwhile I could explain why your concerns are irrelevant.

Is user data today in danger in our website? No, because the user is addressed to https for querying personal data, PayPal takes care of them. We don't store anything. We don't know anything about credit cards numbers, because PayPal doesn't share this data with us. This is the best way for doing it.

Can an user steal licenses from other users? No because keys are created by offline batches on other servers, reconciled directly with PayPal (we process PayPal transactions only). You can hack the website and still your products will not be authorized. You cannot remove products from other users, because data is not stored there. It is on warehouse side.

Is the actual website strangely coded? No, it is a standard joomla container, very common when it was released (9 years ago).

Is https really secure? No. Basically you could attack an https server using other vulnerabilities like old openssh backdoor, or sql injection, if any, and steal all customer data. This is what happens daily. For this exact reason we don't care about https, and we delegate the whole task to a bank (paypal). They care about frauds. I would be very worried if a website would store REALLY credit cards numbers, I hope you are not doing that. THAT is dangerous.
Other example: you use https and you are using a Windows server without patches, that's a problem! Everybody can enter there! Maybe you store really sensible data there! Other problem!

Does it matter with the topic? No, but it was a good way for advertising our incoming new website


Is really protection more relevant then https for customer care? I would say yes. With https you are just trying to fix something which doesn't need it - unless you care about the association of your fake name and the products you own (this is the maximum damage you could do today hacking the website) - while protections ARE relevant for customer investment, because products keep their value in a better way and they can resell them easily (I don't have to explain the reason why! It is obvious!)


Are you annoying me? No! I'm thankful because I can advertise my work in a better way. Yes the new website will be awesome, did I say that already?

I hope you continue in this route, maybe on my next post I'll tell you what we are using for the new website, or which products will be released! Yeeeees pleease do it


Image
mystran
KVRAF
 
4792 posts since 11 Feb, 2006, from Helsinki, Finland

Postby mystran; Tue Jul 25, 2017 1:29 pm Re: More copy protection...

Zaphod (giancarlo) wrote:Is https really secure? No. Basically you could attack an https server using other vulnerabilities like old openssh backdoor, or sql injection, if any, and steal all customer data.


No offence, but if you think about it for a while, you probably realise that what you are saying above is basically that you don't bother locking your front door, because someone can still break into your house by smashing the window (or in case of old openssh it'd be more like climbing in from the window you left open, but that's kinda besides the point).

PS. I don't really see how this is very relevant with regards to copy protection though.
Image <- plugins | forum
User avatar
Zaphod (giancarlo)
KVRAF
 
2395 posts since 23 Jun, 2006

Postby Zaphod (giancarlo); Tue Jul 25, 2017 2:08 pm Re: More copy protection...

mystran wrote:
Zaphod (giancarlo) wrote:Is https really secure? No. Basically you could attack an https server using other vulnerabilities like old openssh backdoor, or sql injection, if any, and steal all customer data.


No offence, but if you think about it for a while, you probably realise that what you are saying above is basically that you don't bother locking your front door, because someone can still break into your house by smashing the window (or in case of old openssh it'd be more like climbing in from the window you left open, but that's kinda besides the point).

PS. I don't really see how this is very relevant with regards to copy protection though.



basically I'm saying that I'm not locking the door because there is NOTHING IN THE HOUSE.
And I'm telling HIM that sometimes you try to lock the door in all possible ways (when you goods in the house) but you FORGET to close a window. Openssh or sql injection are just the first examples I have in my mind. But also not patched servers or from a security holes. People is sure about the security just because a stupid lock in the taskbar, while their cretid cards numbers are STOLEN.
Today SSH means exactly nothing if you are storing seriously critical data (like debt card numbers). I was accused to spend my time on protecting plugins instead of caring about customers (just like if implementing ssh would mean something about caring customers, go figure).
And agreed, it is not relevant to the discussion, but it seems like Mr Rambo liked to attack me on SOMETHING ELSE because he didn't like what I expressed POLITELY on the matter (probably because he is involved).
What surprises me is about receiving a direct attack like that one, there are imho better ways for raising a question or a concern. There are a lot of polite ways for doing that, without attacking someone on the other side of the screen. If you don't believe that, read the whole story.
And to sum everything up, I was described as ARROGANT, - yes he used exactly this word. Luckily, everything is written. Go and read it all...

Sincerely,
Last edited by Zaphod (giancarlo) on Tue Jul 25, 2017 2:42 pm, edited 2 times in total.
stratum
KVRAF
 
1667 posts since 29 May, 2012

Postby stratum; Tue Jul 25, 2017 2:22 pm Re: More copy protection...

Looks like a more serious problem is we don't have anything to discuss nowadays and therefore keep discussing nontechnical problems that attract nondeveloper contributions. Should I start a thread about Volterra series? :)
~stratum~
PreviousNext

Moderator: Moderators (Main)

Return to DSP and Plug-in Development