New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Not a whole lot of context to go off, but it's going to be something that echo's that text. Pirates don't need the source to be 100% identical to the original - they just need it to be readable/understandable enough to remove/change branding, add or remove some features, remove the licensing code, and pack it up and sell or otherwise redistribute it. If that.
This would be a perfectly good decoding result, even if it weren't the original code:
Also, the obfuscation you use in Billic is really easy to defeat:
<?php $file = '[...]'; $source = file_get_contents($file); $tokens = token_get_all($source); foreach ($tokens as $i => $token) { if(isset($token[1]) && $token[1] == "str_rot13") { $source = str_replace('str_rot13('.$tokens[$i+2][1].')', str_rot13($tokens[$i+2][1]), $source); } } file_put_contents($file, $source);Sure, variable names are still random, but when you're doing a code audit, that's just a very small inconvenience, if that.
Hello,
The original source was:
We are just considering our options of the best way to deliver our product.
Thank you for your replies however and we will look into this.
Regards,
Adam W
Billic.com
In other words the original source code was pretty much the result of @vld single function applied to your obfuscated code, only thing different was the variable name, that doesn't really matter too much.
Hello,
as i mentioned we are just considering our options of the best way to deliver our product.
Thank you
Regards,
Adam W
Billic.com
While I don't agree with some people here (obfuscating your code MIGHT actually keep some people from bypassing your license), please don't try to prove it's not possible, you will fail miserably.
Hello,
We were not trying to prove anything, we were just getting an idea that is all.
Regards,
Adam W
Billic.com
Right, but that's the thing. It does keep some people from bypassing licensing. It just isn't the group of people that has any impact on your sales whatsoever. From an economic point of view, it makes absolutely no sense unless you're going for vendor lock-in (in which case all bets are off with regards to "respect for your customers" anyway).
Neither those who crack software for profit, nor those who do it for fun, are going to be deterred by DRM (including obfuscation). The former have the economic incentive as they are the source of commercial piracy, and the latter just find the more complex protections more fun to break (and are the source of non-commercial piracy).
It's not going to reduce piracy in any way, but it's going to harm your actual customers. Economically and ethically, it is absolutely not a good idea. The "protection" provided by DRM is purely theoretical, and fundamentally piracy is a legal problem, not a technical problem.
They @Billic - @joepie91 does code audit, and he is very good and his prices are very good, you should consider it.
I think @Billic should reconsider the business model, like what @Aga said earlier, SaaS.
Sell for a one time high price for full premium product, offer subscribed service, and release limited product as open source.
Not for PHP
What? You did audited the Z-Pancake :P
That was hardly an audit. That was quite literally looking at the source code for 10 minutes, deciding "okay, this is a Swiss cheese" and giving up :P
Either way, I've pretty much completely dropped PHP for everything. I primarily do code quality review anyway (rather than explicit security audits), and in that sense, PHP is a bit of a lost cause. The language/ecosystem just does not provide the tools for building well-written applications.
Why don't you talk to this community like a human being, rather than spewing out this corporate nothing speak? You're not a big company - why bother pretending to be one by droning on like this?
I wasn't even sure what inconvenience a broken website would cause us, even apologizing for it twice.