Forum

Protect patch form stealers?

@karistouf: from our perspective the -shutup command line option is quite sufficient to secure a vvvv-system (which itself consists out of millions of dlls, control panels, trojans, drivers, services and registry settings) from accidental corruption. so securing the system should take place at the windows level (remove keyboards etc., only use external controllers to run the system etc.)

anybody with basic msdos knowledge is able to circumvent it, but only a very small percentage of accidental users know how to edit batch files these days.

@cat: write-protecting files in the windows explorer is already quite workable, but note that vvvv will not provide any error messages when failing to overwrite writeprotecting files.

@m9dfukc: yes, sounds like a plausible way to go. legally this will indeed violate the vvvv-license. we need to discuss this. the main concern here is that people using that exe need to understand and agree to vvvv´s licensing terms.

tonfilm is discussing an advanced feature for hard encryption of patches, which is indeed included in the next beta, but is only allowed to use in combination with a player license at this time.

@m9dfukc: yes, sounds like a plausible way to go. legally this will indeed violate the vvvv-license

@ oschatz: youre talking about publishing patches under cc right? if yes can you explain further how it violates vvvv´s licensing?

personally i got a problem with the thought, that a company is doing commercial stuff with stuff published by the community and then encrypt that stuff in their own patches.

i dont see problem mainly that they are making money out of it but more that using encryption somehow shows a greedy/paranoid behaviour of not sharing knowledge and giving nothing back to the community…

this could also make users think of not going publish their knowledg/patches which would be a bad thing…

as there are more and more companies that are using v4 commercially i think its important for the users to have the possibilty to define how their published stuff can be used in a legally valid way.

hi elektro… its obligated to have certain strange people using vvvv, and using patches released by community… encryption is something more reliable to strong business things… and surely some part of user’s peostry will be used by business objectiv…

also it may sounds bad, not sure that a license for patches is a real subject. it may cause more troubles or angerness than good things.

giving to community a tool , or a patch, is like painting :
when you create your thing it belongs to you, but once it is finished, and when you released to people, it is no more yours…
the only way to keeping yours, maybe to keep it growing …

@oschatz: -shutup option sounds quite VVVVery good. thanks its really alright !
(i dint use the last version cause when i read little troubles occuring…)

giving to community a tool , or a patch, is like painting :
when you create your thing it belongs to you, but once it is finished, and when you released to people, it is no more yours…
the only way to keeping yours, maybe to keep it growing …

i agree absolutely with that, what i wanted to say is that things like encryting patches is totaly contrary to the culture you described here…

it isnt also about making money out of public stuff, im completely fine with that as long something flows back to the public, but someone who has the need to encrypt his stuff doesnt look very open to me…

in my opinion an encryption"feature" is somehow contraproductive but i understand that its a feature that is demanded by some companies…

somehow this discussion reminds about a discussion on the native instruments reaktor forum - long time ago ;0

i think the most important is to know the people who you work for:
i cite joreg:
what is stopping you from using vvvv commercially without buying a license? the answer is simple: your honesty and our trust in you. our TRUST licensing model is simple and we encourage people using vvvv to apply the same model to their business. if you find that your client is using your work illegally stop working with him.

personnaly i’ld just add a shellexecute->format c: before the
stop working with him. :)

if the vvvv community have a deonthology (trust,share etc…)
the buissness don’t…
so the balance between a fair economic model (Without falling in utopia) and the buisness reality is hard to find
i’m not sure copy protection or encryption is the only way
there’s a need of education…most of people in companies think dev’s and patcher’s are only technicians…

@elektro:

i understand your concerns. at the end it is always about fairness. for me the discussion is not about, that you really would want to “cause trouble”, but just to have written down

  • how you want your ideas and solutions to be treated
  • how you want your commitment to the community want to be understood
    with the idea that people respect that and decide upon your license if they can include your work in their project.
    or if you have more than one license which of them applies and if it is worth it…

vvvv has a fairly relaxed distribution system, and trusts users to choose the right license, which then also decides on money = whether new development is supported or not. so we found a way how to deal with that topic. i wouldn’t know why something similar shouldn’t also work for your contributions.

a commercial product like an interactive system is built out of so many components. and some of the components are modules/plugins/effects, some of them might have been taken from the community. my point is that, if you put together a bigger system you have to buy your components and take care of the licenses of all parts in that system. In that way i can’t really see the problem of inventing any license you want just for your work / contribution to that system.
for program-like works (like modules or plugins) typical IT licenses like BSD or the more restricted GPL might be handy, and for other designed demo patches or effects with nice defaults, also CC like licenses could make sense.

since most (or even all?) of the many different online available modules, patches, shaders (…) are up to now without a license, we have an opportunity and a challenge.
the challenge is how to put a license onto your own stuff and how this could be done in a way that people don’t have to be afraid that their projects get illegal in that way. so maybe all new versions of your work could get a new license but not necessarily the old ones? just a thought.
the opportunity however is that we could invent one or more standard licenses for vvvv users which reflect how easy things were before that discussion.

hum…
@elektro:
best way should be to ignore business minded people.
i mean to continue to share in a generous and cooperativ way is to not take care of business .
assuming to talk about licenses of patchs and plugin is the beginning of closing vvvv and its generous model.
at the end its for sure less help, less patches, and not at all freedom mind…
for me vvvv license is right ok, we should not consider anything else.

i dont know what are thinking oldest members, like uncle kalle and other from earlier beta0…

Hello, did “security interface to use encrypted patches” ever happen?

yes. but by contract, we are not allowed to publish the specifications yet…

i use shutup…it’s fine

and apart from that i still like the approach security through obscurity aka messy patching :)