|
RE: vb3 Call To Home
Why do I no longer have access to this post? Why has it been moved to a secure area?
Quote:
We get into a discussion about *why* it is encryped and *why* there is also an image-call-to-home and it gets closed? wow. |
I think it was due to the nature of the whole thread beeing basically a huge argument, which are usually avoided on this site. It wouldnt surprise me if this thread gets closed aswell because i expect teh hack author has been contacted by a vb.org staff member about this.
|
There wasn't a hint of arugement at all, it was pleasant and simple educated about findings etc. - there as no "JELSOFT IS THE HAXXOR" or any kiddie-flame, which is what bugs me.
|
I got a PM by one of the vB.org Moderators. What I was told was that the hack has been temporarily removed, until he can get confirmation from Wayne Luke as to whether it breaks the License Agreement or not.
I am awaiting their response and decision. I would have thought that the references I made to Zachery and Scott MacVicar would have covered that - but I guess the moderator wanted to be sure. :) |
Quote:
|
As best i remember, there was a thread at vB.com in which Wayne told someone how to remove the version call to Jelsoft because the guys forums were behind a firewall and that bit o' traffic was not allowed to pass through.. i can't remember exactly when this happened, but i know i saw it..
|
Well, we're back in business! All is well, and it's been formally determined by vB that I didn't violate the EULA. <whew!> :)
|
congrats, Ocean.. :)
|
Quote:
|
so then the call home hack is perfectly fine, correct?
|
Quote:
|
Firstly glad you got your issue sorted.
But I have one question for all.... Does no one find it strange, that Jelsoft do not support hacks, yet they support vb.org that is for hacks? On top of this they seem to have control of what hacks are allowed and what is not, remembering they do not support hacks!!! Very confusing :rolleyes: PS - Only a loose comment as it confuses me as to who is controling what and who is Offically Jelsoft controlled! or am I just paranoid about Big Brother watching lol ;) (Guess I am) :o |
Jelsoft hosts vBulletin.org for free, and also has a staff member (wayne) oversee the actions of the resource site staff. Jelsoft provides this hacking resource for their customers so they do not have to go elsewhere for hacks.
Hence they control what content can be added to this site, if they feel a hack conflicts with the license agreement it will be removed. At the same time they can not support hacked boards. Because hacked boards run hacked code, support can't give you support for code they don't even know exists in your copy of the software, you have to run a stock version for support to help you. |
Quote:
Quote:
Quote:
I'm now a little but more clued up, thanks. |
Quote:
I think it would be much more confusing if they allowed such hacks. People would go: "But it's on vB.org, an official jelsoft site, so why aren't we allowed to install it?" Is that a bit clearer? |
Quote:
|
Well, guys, I'm sorry to say this - but there has been a new development on this hack.
Originally, the Moderator here, AssassinGod - checked with Wayne Luke, the vB site coordinator, to make sure that my hack didn't violate the EULA. It was determined, at that time, that my hack did NOT violate the EULA, and was therefore permissible. However, since then, other people at Jelsoft have decided that it's not in their best interests to allow me to publish this information. The official statement is this: Upon further review... We feel that publishing the code to remove the so-called 'call home' function is not in the best interests of vBulletin or our legitimate customers. Consequently we feel that publishing this on Jelsoft's websites is not in anyone's best interests. We are also working on the limitations that this has imposed by using the call-home and making it more resource friendly. What I have been told is that removing the code in question still does NOT violate the EULA, and is fully permissible. However, they don't want the information of how to do so, to be published on Jelsoft's websites. And thus, my hack has been removed. I'm sorry guys, but unless and until they change their policy on this - I'm afraid that it's out of my hands. Thanks for all of your support on this issue/hack - I truly appreciate it. :) |
I have a Copy!!! ;) This is a very fine Hack... RemovevBCallHome.txt :D
http://www.vbulletin-germany.com/for...ad.php?t=12939 |
Quote:
That's great - but as the german site is still an official Jelsoft board - I'm sure that they'll get around to removing it there as well. (psst! - Since you're one of the privileged few who managed to d/l it while it was still up - make sure you at least have version 1.3.1! :) ) |
This file has already been sprawled accross the web, i'm glad to say :)
I suppose it's just one good thing about places like VBHACKS.us ;) Boo dictatorships! :D |
The hack is allowed to be used, just not allowed to be hosted here. This is Jelsoft's official site, after all.
|
Quote:
|
Quote:
This "hack" is just helping wearz teams get their distrubted versions out in the field faster and more piracy could cause prices to go up. :/ |
Zachery;
I understand this completely. But I do not think it is right to bring in the "this piracy costs us X money". It's just like with the RIAA and Record Industry situation - costing them X Billion a year. But it isn't costing them anything. What percentage of people who warez things (including VB) would pay for it if they could not Warez it? Be realistic; the figure is less than 1% i'm sure. So really, saying that Warez may put prices up for us isn't (to me) a serious or plausable notion at all. But I respect what Jelsoft do with managing their content on their sites. However, if good coding and progmatic practice is not going to be used by Jelsoft (to stop the long loading times when your servers cannot be communicated with for whatever reason), then I think that the arguements for it being made available to the masses is stronger than those against. By the way... I thought that VB.orgs licencing system was "now secure enough" to deal with this kind of thing? Correct me if i'm wrong, but by posting a hack as an attatchment here, you can only download it if you already have an active VB licence. |
Quote:
Yes, doesnt mean there are not people who have licenses and do illegal things with their files. |
I understand you may not be speaking for Jelsoft, but again I do not know where you are coming from with the "hurt us" part, as 99.9% of the time you wouldn't see the financial benifit anyway.
|
Quote:
The Call Home also checks for the latest version of the software, and many of vB"s releases are security fixes. I am normally opposed to call home coding, but disabling this call home is akin to disabling Windows Update. |
Quote:
Software developers love to talk about how much piracy ruins them. But they rarely want to admit how much piracy actually helps them. Developers get a large amount of free advertising for their software through piracy. Not only that, it's also advertising that carries with it an inherent vouching. People don't bother to pirate crap. There might be 20 different companies making 20 different versions of a particular type of software. The two or three versions that Pirate groups bother to hack are most likely to be the best. People know this - and they use this fact to help them narrow their choices to the best of the bunch. Looking at it in that light, it's an honor for vBulletin to be so prominent among hackers - you don't see too much of the competition, do you? :) In addition, pirated software is typically made and circulated among industry-involved people. In other words, you'll find a lot more computer consultants and IT personnel working with pirated apps than you will farmers. This means that many of the people who work with pirated apps are inherently in the best position to recommend these same products for purchase in the companies or clients that they work with/for. Personally, I can tell you that I have come across a lot of pirated applications (if nothing else, a lot of my clients install them - and I have to deal with them). As such, I have had exposure to applications that normally cost $5,000 - $20,000. These applications are well beyond my ability to purchase. But having had exposure to pirated versions of them, I can now give genuine recommendations and purchasing advice to companies who ask me to tell them what to buy. In addition, I have seen some of these pirated apps and bought them myself. These are applications that I would never have purchased were it not for a previously existing pirated copy. Incidentally, vBulletin is one such app. :) When Adobe Photoshop first came out, people were swapping and sharing the install disks like crazy. Adobe knew about it - and do you know what they did? Absolutely nothing. It was giving them exposure in a way that they couldn't *pay* for. Not only was the word being spread that there was a great new application on the market - but people were also gaining proficiency on those pirated copies. This meant that the market was starting to be filled by people who knew how to use this software and could genuinely recommend them to the companies they worked for. Developers love to talk about how much money they're losing to piracy. But the fact is that a person looking to improve their marketable skills and obtains a pirated version of Avid SoftImage (for example) will most likely have never been able to afford it on their own (how many people have $10,000 to shuck on a whim?). So, just what money is Avid losing? If this person could not have obtained a pirated version, they wouldn't have bought it anyway. Zero money lost to Avid. However, by obtaining that pirated version, they become acquainted with it, learn it - and now, when their company is looking for a 3D Animation solution, this person can speak up and say "Hey, I've worked with Avid SoftImage. It's a GREAT program, and I know how to use it". Boom - a sale made, and $10,000 in the bank for Avid, who otherwise might never have seen that money - as the company in question might have chosen a competitor's product if left to their own devices. So, I will say that piracy can do both good AND bad things for companies. It's rare for developers to acknowledge this - but that doesn't make it false. :) |
Quote:
I would change your analogy to say that disabling vB's Call Home feature is akin to not checking Windows Update regularly. But users can check vB's site for new versions at any time, and they can apply those new versions at any time as well. Eliminating the Call Home feature does not keep a person from doing anything vital. I realize that it's a challenge to implement anti-piracy measures on anything that is Viewable Source. But that doesn't change the fact that many people are principally opposed to Call Home features - and they have good reason and every right to be. :) |
Quote:
|
Quote:
You can describe all of vB's features to me as thorough as any developer can, you know what it sounds like in my head? "Blah blah blah? Nenene yada yada randomspam spamspam!" I dont give a piss about how a feature looks in the manual, I want to see it in action! AdminCP demo couldnt do much, could I edit the files and check out how the features would work in the environment my forums create? No. If it werent for pirated vB, I would never have bought it. That simple. |
Quote:
Most applications won't tell you if there's a new version or not. And the ones that do usually give you a way to turn that feature off in that program's Preferences. Really, that's all I'm asking for - a way to turn off the Call Home feature completely. By all means, go ahead and put a version check in, if you think that it does more good than harm for your users. You can even program your app to enable it by default. Just give the users a way to shut the damned thing off. :) Is that really such a horrible thing to ask? :) |
Quote:
|
So why can't users make the choice between ignorance and obersvance?
|
Quote:
If you included that feature, and programmed your app to enable it by default - where would the harm be in allowing users the option to turn it off? The way I see it, you would get the best of both worlds - yes? |
Most users would make the wrong choice. "Call home? Well I want my privacy so that's going off!" In principle, users should be allowed to turn it off, but in implementation, users will unnecessarily turn it off.
|
Then that is a choice they should make, instead of having something forced upon the user?
|
Quote:
If they make the wrong choice for the type of user they are, they will pay the price. But it is NOT the developer's place to take that choice away from them. Everytime Microsoft tries to pull that same trick, people in every country say to them "How dare you?!?". But when other developers do it, they think the same ethics don't apply to them. |
The problem is that when users don't upgrade and are hacked due to an old security hole (see the whole calendar.php issue not so long ago), Jelsoft is going to spend a much bigger amount of time giving support to these users.
The only good option I can think about is having the setting in one of the debug settings (like the version number and so on). That way, users will realy have to *do* something to turn it off, meaning they are fully aware of what they are doing. |
Quote:
But the fact of the matter is that people want choices. Claiming greater support times is no excuse for depriving people of the right to plug the security hole of having an app send out information without their explicit consent. Besides which, what great burden is it for vB staff to deal with a problem that is caused by an obsolete version? All they have to say (and they do say it) is "That problem was fixed in the 3.x.x release. In order to fix it, you'll need to upgrade to the latest version." That hardly qualifies as a significant burden. :) Quote:
|
| All times are GMT. The time now is 04:49 PM. |
Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
| X vBulletin 3.8.12 by vBS Debug Information | |
|---|---|
|
|
 More Information |
|
|
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|