2019 was a huge period of development for MC-Market with a new account upgrade, massive changes to our resource and reputation system, over $10,000 raised for charity and the doubling of staff team’s size. We now have four different developers working on projects for our platform, and we look forward to 2020 being a period of growth for us and our community’s creators.
Combatting Piracy
In July 2019, we made an announcement with huge changes to our resource system in our fight against leak sites and leakers: https://www.mc-market.org/threads/495708/
Most of these changes were preventative measures, to stop leakers from obtaining and leaking the products in the first place, but what happens when a file inevitably ends up falling into the wrong hands? How can we ensure that the leaker is stopped and action is able to be taken?
Since that announcement, we’ve been hard at work developing the software necessary in order to offer placeholders for our community to use in all of our resource categories, into which MC-Market will inject the download data upon each download. This will allow our creators to hide unique data in their products for identifying the downloader of whatever file becomes leaked. This feature will be employed retroactively as well. Injecting values into placeholders included in any resources uploaded prior to this change.
A list of all of the placeholders we’re offering, as well as an explanation of each, are available here: https://www.mc-market.org/wiki/resource-anti-piracy-placeholders/. They are available for free and paid resources in any category, however, the anti-piracy uses are clearly suited for paid products. If there are any more placeholders that you’d like to see added, please create a suggestion thread. It is more difficult for some resource types to utilize these anti-piracy features, but we still encourage all resource authors to use them in their paid products wherever possible. We will be continuing to develop this system in the future.
Vulnerability Abuse
Between December 22, 6:50 PM GMT and December 23, 2:30 AM GMT, for a period of 7 hours and 20 minutes, MC-Market’s download page for its resources was missing its usual license check prior to providing the requested file.
During this period, exactly 21 users downloaded a file without authorization. After discovery, exactly 16 users continued to utilize this vulnerability to download additional resources without right. All 16 of those users have been restricted and will be required to either pay the resource authors they owe or be banned from our platform for the intentional exploitation of the vulnerability in order to circumvent normal restrictions and gain access to content on our site without authorization. The other five users have not been restricted, but are held to the same expectations.
All resource authors effected by these users have already received a private message. If you have not already been messaged by an administrator regarding this, your resources were not involved.
Authors whose abusers refuse to pay the for the products they downloaded and are banned will be reimbursed by MC-Market in the form of non-transferrable advertisement credit, covering the remainder of the owed amount.
Although thievery is inexcusable and each abuser should be held accountable for their intentional misconduct, we want to apologize for it having been possible for those users to abuse this. During the implementation of our resource injector, some test code disabling the license check was mistakenly not removed from the final version of the software we paid to have developed. We agree that this is completely unacceptable. To ensure nothing like this ever happens again, we will be adding a second code verification step before any addons we have commissioned are implemented into our website. Justis, with years of experience as a developer and resource moderator checking our community’s products will be personally verifying the integrity and safety of each custom addon we receive, as well as each modified version at every level of development where the live site receives an update, prior to installation. No development mistakes like this have ever made their way to our platform before and we fully intend on ensuring it never happens again.
Tickets System
Over the past week we have released a new ticket support system to our Ultimate users, and later our Supreme users. Today, we have opened tickets up to be available to everyone. If you have any currently open support requests from our old system then you can convert them over to our new system, but we no longer allow any users to create support requests while we migrate.
This new system has many benefits over our previous system, such as the ability for guests to create tickets and a far more powerful backend for staff members to efficiently respond, reducing wait times.
Other Changes
Along with the above, we have also made minor adjustments to site policies and some forum layouts. A full list of changes we have made are as follows:
- Added ability for Premium users to charge Euros for resource sales
- Added several new subforums to Development forum
- Added new ‘Writing’ service forum
- Added rule 1.23 clarifying that external sites and servers and services may only be linked or promoted if the hosted content abides by on-site rules
- Added rule 3.1.2 clarifying that advertising content requiring user registrations is not allowed
- Adjusted rule 3.4 slightly to 3.4 Do not send multiple advertisement messages within twenty minute increments, or advertise content which has been advertised in the last 20 minutes.
- Adjusted rule 3.6 slightly to 3.6 Do not advertise products and services which you yourself do not own or have the right to redistribute.
- Adjusted rule 5.6 slightly to clarify that although ebooks may not be sold, they can be distributed
- Adjusted minecraft account sales to now be a forum with subforums rather than a category
- Removed our new resource index page, reverting back until a new trial is developed
- Removed ability to sticky minecraft account sale threads
Mick
Last edited:
