MuTools

JoPo · Post by **JoPo** » Sun Dec 17, 2017 6:12 pm

mutools wrote:I don't accept that explanation.
The text clearly is "UserKeyString" and so now you say you don't know what a User Key is??
And on top of that it clearly included your personal user key which you have copy-pasted so you know how it looks like.
I don't say you did this with a bad intention but the mistake is very serious.

Everyone make mistake, sometimes. Even you, I'm quiet sure. Sometimes a big mistake doesn't have any consequences and some other time a small one has big consequences. It's the case now.

You said you don't accept that explanation. What can I do more ? English is not my natural language, for example, when you say "I have to pause M8 R&D", I'm very sorry to not understand. I'm not a software developer either And I don't know what means what one read in configuration files.

You say my keys are going to be invalided, I'm ready to pay for new Mux modular key. I don't know what to do more to help you. If there is something I can do to help, tell me, I'll do it.

If you have the possibility to invalidate my keys, does it not means that even if someone had the time to get it, they will not work ?

dakkra · Post by **dakkra** » Sun Dec 17, 2017 6:35 pm

It would work on any version non-new. The danger to serial keys is that once leaked, the only way to stop it from becoming worse is by making NEW versions of the software that won't take that key. In other words, whoever has the key can use this version of MUX for free, but won't be able to upgrade.

Jo's stated he's researching how to blacklist(invalidate) keys, meaning it's not yet built into the code base.

Licensing models are a whole world of hurt. Many companies gave up on serial keys for this reason and moved on to, shall we say more annoying forms of licensing (iLok being very popular). Using serial keys allows users to use their licence freely without the need for a third party licencing software or hardware dongle. The downside being, once a key is leaked, the developer loses money until they make a new version of the software.

In essence, Jo can't stop a thief from using the current version of MUX (unless he doesn't allow them to download it, but that inconveniences current customers and potential buyers). He can only prevent the thief from using future versions.

Hope this helps to make sense of the situation,

Dakkra

JoPo · Post by **JoPo** » Sun Dec 17, 2017 6:57 pm

Thanks a lot for those clarifications, Dakkra. As I said I made stupidly idiot mistake with a total non conscience to make any.
I was concentrate on my mux patch. Anyway, I must confess that I never realized what it was written untill I read your post ! I was light years far from imagining it was my mux key !

I'll not say that if I made the mistake, it means that it can happen again at any time...

But it's not exactly false. I don't know nothing about software developement but it seems to me that it was easy to make that bullshit.
Being a poor average guy, another poor average guy could do the same again. After saying that, I've no idea how to avoid that situation.

MuTools · Post by **MuTools** » Sun Dec 17, 2017 7:22 pm

@Dakkra: Thanks for the precise clarifications to JoPo.

@Jopo: I will send you a new MUX 7 VST user key when the new MUX version is available.

Until then MUX 7 VST is unavailable for download.

JoPo · Post by **JoPo** » Sun Dec 17, 2017 8:21 pm

Thank you, mutools !

Don't know how I could apologize. As I said (I wanted to write this in a PM but I don't find it !), I can buy keys again for the next update. I've got some money at the moment ! It's enough rare and I'm pleased to help developers like you. Even if what I did didn't help that much...

Do as you wish for the keys. I must say that I made a big communication about your software on the community I use to go often. It's about the oddly unknown Scope audio platform :
http://forums.scopeusers.com/viewtopic. ... 1&p=325485&
And there is some other thread where I spoke of Mux modular.
I believe some of people there bought your audio applications.

A you see, I'm not a bad guy and I hope you'll forgive me... One day...

Keep on the good work. What you did by yourself is already amazing.

As I said too, being a poor average guy, another poor average guy could do the same again. I don't know if there is a way to avoid that but what I did was really easy and I didn't see any warn anywhere at any time. Maybe (if there is any, I didn't saw it) a warn in the read me file could help to avoid to have the same situation...

pljones · Post by **pljones** » Sun Dec 17, 2017 10:02 pm

One of the MuTools' strengths is a weakness, indeed - it doesn't come encumbered with hefty requirements that much other software does, as Dakkra points out. Possibly something to consider might be moving the user key to a separate user key file (maybe called "do-not-share-this.key"), though, which might help others avoid similar mistakes.

Pyrotek45 · Post by **Pyrotek45** » Mon Dec 18, 2017 12:27 am

why not tie the email to a key in the future. seems simpler imo.

dakkra · Post by **dakkra** » Mon Dec 18, 2017 12:29 am

Pyrotek45 wrote:why not tie the email to a key in the future. seems simpler imo.

That requires the application to talk over the internet in order to be used. Not a fun feature for those on the move.

dakkra · Post by **dakkra** » Mon Dec 18, 2017 12:31 am

pljones wrote:One of the MuTools' strengths is a weakness, indeed - it doesn't come encumbered with hefty requirements that much other software does, as Dakkra points out. Possibly something to consider might be moving the user key to a separate user key file (maybe called "do-not-share-this.key"), though, which might help others avoid similar mistakes.

Encryption may also be an idea to assist with this. An encrypted private key file. Or a public private keypair with signed certificates. All of it would require Jo to spend time on re-writing the license model though.

MuTools · Post by **MuTools** » Mon Dec 18, 2017 11:31 pm

pljones wrote:Possibly something to consider might be moving the user key to a separate user key file (maybe called "do-not-share-this.key"), though, which might help others avoid similar mistakes.

Yes i agree. You and JoPo are right that this mistake could be made by others too by accident. I've taken note about this.

MuTools · Post by **MuTools** » Mon Dec 18, 2017 11:47 pm

Elaborating on this topic:

I agree that it is a good thing for the users that the MuLab / MUX user key system is very easy and liberal. But as you know it has the drawback that such user keys are a fragile protection. For some time already i'm thinking about linking the user key to the computer. Of course that would mean a challenge-response model:

* User buys user key and immediately gets a temporary initial user key, like it works now now.
* User sends personal + system data to MuTools, then a specific user key for that person and that computer is returned.

Of course it will depend on how the system ID is defined whether changing certain hardware would require a new user key to be generated. (for free, unless it would be too often, like more than once a month)
Maybe i can find some system ID generation that is very stable, that (almost) never changes unless it is about a new computer.

Anyone experiences with this?

Any thoughts on such licensing model?

JoPo · Post by **JoPo** » Tue Dec 19, 2017 10:54 am

I'm not able to help very much...

I just know an awesome company that seems to have found a licence / serial key system that is working well and I don't know any crack on their products.
It is Swam Engine (their saxophons are the best !!) : http://www.swamengine.com/

Their system works like you mentioned : with ID number. And when changing computer, one needs to ask for a new serial. This is done automaticaly in a dedicated web page.
Maybe you can contact them and ask some info...

Anyway, a way to avoid mistake like I did is important. The price of your fantastic products is fair, so I still believe that users who want to use them everyday agree to pay for them. And even dealing with the serial key changing with computer hardware.

Finding a way to not have the serial key as easy to copy as it is now is essential to protect your work.

bibz1st · Post by **bibz1st** » Tue Dec 19, 2017 12:04 pm

If it is going to be tied to a particular computer, which I dont have a problem with, does that mean it wont be able to run from a USB stick anymore ?

MuTools · Post by **MuTools** » Tue Dec 19, 2017 12:19 pm

Good question, thx!

Well, the new key system i'm thinking of would still allow to run MuLab from a USB stick as long as that stick is plugged in in the computer for which the user key is made.

Now thx to your question i realize that such new system should support multiple user keys in the same MuLab setup so that there can be a user key for your desktop and another one for the laptop. MuLab should use the relevant user key of course.

MuTools · Post by **MuTools** » Tue Dec 19, 2017 12:32 pm

JoPo wrote:I just know an awesome company that seems to have found a licence / serial key system that is working well and I don't know any crack on their products.
It is Swam Engine (their saxophons are the best !!) : http://www.swamengine.com/

Thx for the link.

MuTools

KVR Audio

Vst plugin output number