More copy protection...

[RSL369]

That new (as featured @ KvR frontpage) Backmask plugin's "steal" option is so far the best way of fighting piracy that I have seen.

While you guys discuss bus tickets here, that guy, IMO, lives in 3017.

it's a "variation" of donationware. But let me tell you ppl sometimes prefer the "d*ck option".
In italy there was a restaurant where you could pay with an "offer", and guess what? the model is not working any more. Don't get me wrong, donationware is a good thing (and it could be extended to crowdfunding models) but it is not exactly what an established company with several emplyees can do in a niche market.
I guess it fits perfectly in the single-employ case.

Fair enough, but since you're here, lemme ask you something; it seems most of you "established" companies care a lot about protecting your software, but barely any of you appear to care about protecting your customers:









How come none of you bothered to implement https encryption yet?
I mean, it is 2017.
Frankly, it makes me quite uneasy the thought of purchasing anything from you guys, while knowing that my credit card and other valuable info could be stolen at any time.

With all due respect.

[resynthesis]

I believe u-he use DigitalRiver for all transactions dunno about t'others

[RSL369]

I believe u-he use DigitalRiver for all transactions dunno about t'others

Cool, but that's beside the point.

What I'm saying here that it's one thing to waste time here at KvR bragging about your latest protection shenanigans (instead of delivering RePro5 in time), while wholly another to use that time to do something genuinely useful, such as encrypting your website to protect your customers.

Acustica's website is the worst I've seen in that regard, and it's taking them literally ages to do anything about it.

In a time where things like this are happening: https://youtu.be/NgsjIvWA3p8 , hacking a website like Acustica's would be an easy task for even a newbie hacker, needing a good exercise.

I don't know about you, people, but I care about my credit card info not being stolen.

I hope I don't have to remind everyone here that a large part of AiR's 2009. Steinberg crack was hacking Steinberg's server to access the stuff needed to finish the job.

With unencrypted websites like these, all I can conclude is that our beloved "established" developers here don't really care about their customers and only care about their revenue.

That's all I have to say.

And now please excuse me while I go and "donate" some money to that Backmask guy, at least he has a f**king https encrypted website.

[resynthesis]

No, I meant that you don't enter personal info on the website that's all done on the DigitalRiver site. Anyway, HTTPS is no universal solution so security especially now certificates are being handed out willy nilly. Look at:

[utl]https://perezbox.com/2015/07/https-does ... r-website/[/url]

[RSL369]

No, I meant that you don't enter personal info on the website that's all done on the DigitalRiver site. Anyway, HTTPS is no universal solution so security especially now certificates are being handed out willy nilly. Look at:

[utl]https://perezbox.com/2015/07/https-does ... r-website/[/url]

I know, I got that the first time you said it, cheers.

But you see, even the article you linked states the following:

There are obvious instances in which this type of secure connection is a must.

Transfer of Personal Identifiable Information;
Transfer of transaction data in e-commerce;
Transfer of any other sensitive data;

User login data, credit card info, purchase receipts all fall into this category.

The point I'm making here is that a lot of developers have their priorities set wrong, whether it's wasting time on protection-related booby-traps, or ignoring the obvious web security issues, thereby putting their customers at risk.

Anyway, I don't wanna derail this thread any further.
Carry on.

[Zaphod (giancarlo)]

That new (as featured @ KvR frontpage) Backmask plugin's "steal" option is so far the best way of fighting piracy that I have seen.

While you guys discuss bus tickets here, that guy, IMO, lives in 3017.

it's a "variation" of donationware. But let me tell you ppl sometimes prefer the "d*ck option".
In italy there was a restaurant where you could pay with an "offer", and guess what? the model is not working any more. Don't get me wrong, donationware is a good thing (and it could be extended to crowdfunding models) but it is not exactly what an established company with several emplyees can do in a niche market.
I guess it fits perfectly in the single-employ case.

Fair enough, but since you're here, lemme ask you something; it seems most of you "established" companies care a lot about protecting your software, but barely any of you appear to care about protecting your customers:









How come none of you bothered to implement https encryption yet?
I mean, it is 2017.
Frankly, it makes me quite uneasy the thought of purchasing anything from you guys, while knowing that my credit card and other valuable info could be stolen at any time.

With all due respect.

We rely on Paypal (https) for storing personal data (credit cards, shopping details). On our website you have a Nickname only. When you try to buy you are moved to PayPal https. Basically the website is an empty container, even the server used for Keys is not the one you see.
All the associations between the fake website and our warehouse are handled by batches, there is no way of hacking your account, because our fake joomla database is reconciled with transactions coming from PayPal and our warehouse (yes we have one, and it is the real master of data) each 15 minutes. Receipts and invoices are handled by a different server, indeed.
The new website will support https tough, even if I think it is a waste of time, in 2017. Https is a false idea of security, in a world where openssh created a disaster just few months ago and where even PayPal (the actual leader) is experiencing frauds.
Please don't derail the thread, with all due respect
This is a developer forum, please address your customer rants elsewhere.

[RSL369]

We rely on Paypal (https) for storing personal data (credit cards, shopping details). On our website you have a Nickname only. When you try to buy you are moved to PayPal https. Basically the website is an empty container, even the server used for Keys is not the one you see.
All the associations between the fake website and our warehouse are handled by batches, there is no way of hacking your account, because our fake joomla database is reconciled with transactions coming from PayPal and out warehouse (yes we have one, and it is the real master of data) each 15 minutes.
The new website will support https tough, even if I think it is a waste of time, in 2017. Https is a false idea of security, in a world where openssh created a disaster just few months ago and where even PayPal (the actual leader) is experiencing frauds.
Please don't derail the thread, with all due respect
This is a developer forum, please address your customer rants elsewhere.

By all means, keep editing your post until you finally manage to make a point, you're close.

And I already said I won't derail the thread anymore, no need to repeat that.
I am not a developer, true, but I am a content creator and have as much right to voice my opinion here as you do since I'm dealing with piracy issues as well.

[Zaphod (giancarlo)]

Yes I described our system in a better way (, this is the reason of editing), so now you know how much the appearance is not related with the substance.
Trust me, if the website was not secure all our customer credit cards data would be hacked in less then 15 minutes. There are ppl living in China who are just waiting for that

[RSL369]

Yes I described our system in a better way (, this is the reason of editing), so now you know how much the appearance is not related with the substance.
Trust me, if the website was not secure all our customer credit cards data would be hacked in less then 15 minutes. There are ppl living in China who are just waiting for that

Man your website is a mess and you know it. It is extremely buggy, insecure and very frustrating to deal with.
You've been promising a fix for quite some time now and still nothing, which really makes your company look bad.
But yeah, that is another topic indeed, so I'll leave it at that.

However, the way I started commenting on this thread was quite on topic, as you know, since you answered my first post.
You disagreed with me when I pointed out one alternative approach to copy protection and you said that it was nothing but a variation on donationware, which I don't fully agree with.
That is true to a degree, but you're missing the point.
You see, sometimes it's not about what you're doing, but *how* you're doing it.
IMO, that guy does it right.

I'm not saying that his approach is *the answer*, but I feel it to be way more appealing than yours, PACE's or U-he's, that's for sure, and would be far more willing to give my money to someone like that (an honest guy who obviously *gets it* and plays on simple reverse psychology), than to you or Urs or Slate who only fight the world and project distrust by assuming too many people will choose to be dicks.

Piracy is a fact in this industry, always was and, IMO, it is unreasonable to build a business with an intent to constantly keep fighting it.
Throughout the years of creating and selling content, I learned that piracy is a part of this whole eco system and that it would be much wiser to make a business model which takes that into account.
There will always be people who will buy your stuff and support you, and those who won't. That's a fact.
Therefore, to me at least it looks like a far more sensible idea to not only provide a high quality service/product, but also build an authentic relationship with your paying customers with an honest and fair approach to copy protection, like that guy did.
To me, that is a much better way to go about things than to keep wasting time on developing new types of copy protection.
You just can't win that game.

[Zaphod (giancarlo)]

Yes I described our system in a better way (, this is the reason of editing), so now you know how much the appearance is not related with the substance.
Trust me, if the website was not secure all our customer credit cards data would be hacked in less then 15 minutes. There are ppl living in China who are just waiting for that

Man your website is a mess and you know it. It is extremely buggy, insecure and very frustrating to deal with.
You've been promising a fix for quite some time now and still nothing, which really makes your company look bad.
But yeah, that is another topic indeed, so I'll leave it at that.

However, the way I started commenting on this thread was quite on topic, as you know, since you answered my first post.
You disagreed with me when I pointed out one alternative approach to copy protection and you said that it was nothing but a variation on donationware, which I don't fully agree with.
That is true to a degree, but you're missing the point.
You see, sometimes it's not about what you're doing, but *how* you're doing it.
IMO, that guy does it right.

I'm not saying that his approach is *the answer*, but I feel it to be way more appealing than yours, PACE's or U-he's, that's for sure, and would be far more willing to give my money to someone like that (an honest guy who obviously *gets it* and plays on simple reverse psychology), than to you who or Urs or Slate who only fight the world and project distrust by assuming too many people will choose to be dicks.

Piracy is a fact in this industry, always was and, IMO, it is unreasonable to build a business with an intent to constantly keep fighting it.
Throughout the years of creating and selling content, I learned that piracy is a part of this whole eco system and that it would be much wiser to make a business model which takes that into account.
There will always be people who will buy your stuff and support you, and those who won't. That's a fact.
Therefore, to me at least it looks like a far more sensible idea to not only provide a high quality service/product, but also build an authentic relationship with your paying customers with an honest and fair approach to copy protection, like that guy did.
To me, that is a much better way to go about things than to keep wasting time on developing new types of copy protection.
You just can't win that game.

You know it is the correct answer if adopting this approach he can do it as a daily job, with possibly employees, paying bills and salary to all of them. I'm sorry to be such pragmatic and empirical, but the key of success which can validate a procedure is exactly that, nothing less, nothing more.
The interesting point is that our crappy website is working, we are paying bills, so protecting the investment of the customer with a protection was very important. It worked for 10 years. We have employees. We fill the fridge. We could be cracked tomorrow, still it worked till this exact moment and it was the reason of our success till this exact moment, so using my metric it was way more important then https. Trust me, our customers care if their investment is not protected with a decent protection.

My business model is without it.

All my respect to people integrating piracy in a working business model, and the crackers themselves (talented coders most of times)

[stratum]

I haven't yet seen a company that has plugins with price tags above $100 and no copy protection. Below $30, it may become common practice, as the time that would be spent while trying to obtain the same thing from a warez site is probably worth more, not to mention few people would tolerate a virus on a computer that is connected to the internet. Based on this rationale, and if it is also correct that the plugin market is 'racing to the bottom' as a few people have claimed, one could argue that software piracy has no future in this market.

[WOK]

What I'm saying here that it's one thing to waste time here at KvR bragging about your latest protection shenanigans (instead of delivering RePro5 in time), while wholly another to use that time to do something genuinely useful, such as encrypting your website to protect your customers.

Why do you want the entry page of a website being encrypted? That's rubbish.
Only the payment page or a customer login page is important..

That new (as featured @ KvR frontpage) Backmask plugin's "steal" option is so far the best

"Pay what you want" is an old idea. It began in the web for software/plugins. Even some restaurants tried this as an advertisement idea. They all stopped eventually, because it doesn't work.
When I tried this for my plugins, the absolute minority payed something that could be called decent. Often it was 1€ or even 10 Cents only. (the same goes for the restaurants that tried this)

There will always be people who will buy your stuff and support you, and those who won't. That's a fact.

Yeah, and the more easier it is to get a "full version" with a quick googling, the less persons will pay for the same thing.

[RSL369]

Why do you want the entry page of a website being encrypted? That's rubbish.
Only the payment page or a customer login page is important..

In most cases here, the entry page *is* the customer login page.
Once inside, a hacker could go deeper and access more sensitive data, especially if it's an older, unupdated Joomla (or similar) template.
But I have come to understand now, yes, that if it all goes through PayPal, it won't be that easy for him, true.
But he could download all the user's purchased stuff and take over their account, which is not nice.

"Pay what you want" is an old idea. It began in the web for software/plugins. Even some restaurants tried this as an advertisement idea. They all stopped eventually, because it doesn't work.
When I tried this for my plugins, the absolute minority payed something that could be called decent. Often it was 1€ or even 10 Cents only. (the same goes for the restaurants that tried this)

People will pay as much as they think your stuff is worth.
Offering a great support, 64 bit versions, great GUIs, desirable functionality will make some people pay more than that, I'm sure.

Yeah, and the more easier it is to get a "full version" with a quick googling, the less persons will pay for the same thing.

That guy, for instance, offers a full version in the "steal" option, no need for Googling.
The only catch in this case is the sense of bad karma/conscience if you do it that way, which is the same as using cracks. But this way, at least, you develop a different/better relationship with these people and you get stuck in their mind in a different way. I feel there is higher chance they will get back one day and actually buy your stuff than if they just download your soft as simply another piece of warez.

[RSL369]

I haven't yet seen a company that has plugins with price tags above $100 and no copy protection.

https://www.bozdigitallabs.com/product/imperial-delay/

And I'm sure there are others.

Also (and I know most will disagree) no plugin should cost more than $50 (except maybe huge sample libraries).
Sean Costello got that right.

$20-$50, no copy protection, good support and I'm sure you'll be able to run a business with no problem.

But I am a utopian.

[Zaphod (giancarlo)]

I haven't yet seen a company that has plugins with price tags above $100 and no copy protection.

https://www.bozdigitallabs.com/product/imperial-delay/

And I'm sure there are others.

Also (and I know most will disagree) no plugin should cost more than $50 (except maybe huge sample libraries).
Sean Costello got that right.

$20-$50, no copy protection, good support and I'm sure you'll be able to run a business with no problem.

But I am a utopian.

Now read again what I posted. You are basically agreeing with me. The model you are speaking about is working for very small companies (3 guys in the best case).