Basically title says all. I was wondering how developers on here protect against leakers. I have in the past connected the plugin to a pastebin and checked for a true of false value to enable or disable the plugin, but is there any better ways to protect against leakers?
How do you protect against leakers (developers)?
- Thread starter Badger
- Start date
- Status
PebbleHost
High performance, consistent uptime and fast support. Minecraft hosting that just works.
One thing you could do is obfuscating the plugin, I mean it wont stop it from being leaked but it will stop most people using leaked versions of your plugin being claimed as "custom".
I had a though hooking it up to a website / webhost as an "dependency" and make the plugin unable to run and delete itself if its not validated. Never really looked into it though, so not to sure how to go about it or if its even possible to do without being easily bypassable.
EDIT// Atm, I dont have any leak protection. I probably should.
I had a though hooking it up to a website / webhost as an "dependency" and make the plugin unable to run and delete itself if its not validated. Never really looked into it though, so not to sure how to go about it or if its even possible to do without being easily bypassable.
EDIT// Atm, I dont have any leak protection. I probably should.
No need for it, read my post.
imo you should not feel satisfied, as people will download a leaked version instead of paying for your work.
Then you update the plugin and make it better. You should feel satisfied as people want it that bad.
Assuming you obfuscate it, one way would be to require regular updates. For each update you need to use a unique license key which is checked against a server. doesn't need to be a big server, since I doubt you'll get more than a few hundred queries each time. Since it's obfuscated, it won't be as easy to 'hack', and for most non-gigantic plugins it would be easier to write one from scratch yourself.
This is what Adobe does, in a way, though it requires you to log in. It's also something steam games seem to do, since some refuse to run without updates even if they havent had internet connection in months (example: portal 2).
also, Ambrosia, "if people like it so much they want to leak it you should feel satisfied" tells me you don't know all the types of pirates there are. Some people will pirate/leak anything that people ask money for, just because.
Finally, another way would be to make it far more convenient to use your legit one than a leaked version. Idk how this would be done for plugins, but it is what Steam basically does. It's so much more convenient to use Steam for your games, since you can then play games on any computer with internet access and the needed specs, without losing save files.
This is what Adobe does, in a way, though it requires you to log in. It's also something steam games seem to do, since some refuse to run without updates even if they havent had internet connection in months (example: portal 2).
also, Ambrosia, "if people like it so much they want to leak it you should feel satisfied" tells me you don't know all the types of pirates there are. Some people will pirate/leak anything that people ask money for, just because.
Finally, another way would be to make it far more convenient to use your legit one than a leaked version. Idk how this would be done for plugins, but it is what Steam basically does. It's so much more convenient to use Steam for your games, since you can then play games on any computer with internet access and the needed specs, without losing save files.
Well, good luck with trying to make an anti-leak system that won't get leaked. I know only a few people on these forums that are capable of doing some good stuff, but nothing so it's impossible to not get leaked.
I know it's impossible to make a waterproof system, but all you really need is to make it inconvenient enough to USE the leaked version that people will want the legit one. Or make it hard enough to pirate that most of the people I mentioned might not be able to.
You can tell with full software how well-protected it is by the difficulty of finding a legit and working program. Some programs have 20 different legit cracks, while for others you have to search multiple sites to find even one.
you are yet to use leaked aac on shared hosts.
you can't use leaked aac on shared hosts
Uhm?
The most practical way to prevent leakage is by having a license key system:
Big database of randomly generated keys with values of: KEY, ENABLED, LOCATION (IP)
The plugin with its key will check every couple minutes that it is operating from the location in the database, if not it deactivates itself.
Although there is truly no way to prevent leakage. If somebody wants your plugin they can easily decompile it. The main thing is to just trust who you're selling to.
Big database of randomly generated keys with values of: KEY, ENABLED, LOCATION (IP)
The plugin with its key will check every couple minutes that it is operating from the location in the database, if not it deactivates itself.
Although there is truly no way to prevent leakage. If somebody wants your plugin they can easily decompile it. The main thing is to just trust who you're selling to.
Basically make a system advanced enough and obfuscated enough that any noob who actually would leak stuff wont be able to leak it. and the people who will be able to probably have better things to do.
Making a system checking with a webhost using a license key for instance. It would be a pain though, giving every buyer a license key (and it is against sp*got rules if you have your plugin there aswell).
Nothing is "leak proof", but it is possible to slow the leakers down and prevent more leaks.[DOUBLEPOST=1504473701][/DOUBLEPOST]
The only issue here is the ip part, servers could change their hosts ect. This will slow leaking down, but it will also be a pain in the ass for buyers if they change host, like having to pm the seller to require an ip reset ect...
Last edited:
Yeah, ideally you'd set up some seed-based license generator, and if you sell it from your own site you could have it automatically generate a license key to send to a submitted email upon purchase.
However, the no-obfuscation rule of spigot, though understandable (malware etc), makes this a pain for MC plugins. Anything short of a Factions, HCF or Prison "Core" would not be worth doing this for.
Yeah, I was just thinking off the top of my head.
I was thinking something similar to a google error like: "Multiple people logged in at the same time! Please resignin".
But as you said, it would be very tedious to have to approve everyone whenever they switch ips.
I guess, but you are allowed to obfuscate on spigot?
Another prevention method, despite being kind of retarded, is to make your plugin as complex as possible. So when people try to decompile your plugin and take out the parts that prevent them from using it, they won't have any idea what to remove.
Oh, must've misunderstood, I combined what you said with something I'd heard and pulled that conclusion, I guess it's the external license keys that are not allowed?
- Status
