Post by ksharlandjiev » Thu May 15, 2014 2:05 am

Don't wonder if your sales are going down guys, I just found another - this time Romanian website selling most of the premium opencart modules for cheaper price or for free.
http://www.myopencart.info/
They even got a gold membership where you pay once and get all for free, what an asshole!
I strongly advice all devs to check if their modules are listed.
I'm skipping all the vietnamese, russian & ukrainian websites which are full of modules.

I think we need to start thinking of some sort of protection. I know that open source and protection is not quite possible, but still there are some ideas which I have, which can help us in this fight, but without the support of OpenCart I doubt we can made a genuine solution.

ANY ideas regarding of how we can protect stealing of modules are very welcome in this topic.
Last edited by ksharlandjiev on Thu May 15, 2014 6:08 am, edited 2 times in total.

Power Image Manager | Multi Image uploader | Bulk Update Products to Categories | Bulk Update Orders
Image
NEW! Bulk add options | New! Bulk add attributes | NEW! Keep it Simple Checkout!


User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by ksharlandjiev » Thu May 15, 2014 2:30 am

Quick email to PayPal:
I advice all the developers effected by this website to do the same.

Please forward this email to the correct department.
Dear PayPal,
I would like to inform you that the following website:
http://www.myopencart.info which is using PayPal ID: paypal@myopencart.info, is selling illegally stolen software.
The software this website is selling is downloaded from website: http://opencart.com where this software is available on single license only with authors permissions.

As we are one of the many software companies effected by this, I kindly ask you to investigate & stop this account of performing fraud operations.

Yours sincerely,
....
-------------------------------------------------------
Also another one to Domain Privacy Protection:

Dear Sir/Madam,
I would like to inform you that the following website:
http://www.myopencart.info which is using PayPal ID: paypal@myopencart.info, is selling illegally stolen software.
The software this website is selling is downloaded from website: http://opencart.com where this software is available on single license only with authors permissions.

As we are one of the many software companies effected by this, I kindly ask you to reveal the privacy information of the owner of this domain, so we can start legal actions.

--
Yours sincerely,
....

Power Image Manager | Multi Image uploader | Bulk Update Products to Categories | Bulk Update Orders
Image
NEW! Bulk add options | New! Bulk add attributes | NEW! Keep it Simple Checkout!


User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by Adikon Team » Thu May 15, 2014 3:30 am

same for us!!
http://www.myopencart.info/Order_Status ... arch=email
thank you Kamen for reporting it!

Newbie

Posts

Joined
Mon Sep 24, 2012 2:17 pm

Post by Cue4cheap » Thu May 15, 2014 5:53 am

The site seems to be down now. It looks to be hacked, but it is down, it just says:
"
I'm a jerk!

I'm an asshole who is stealing modules from OpenCart and selling them illegally here!
"

Mike

www.cuesplus.com


Active Member

Posts

Joined
Fri Sep 20, 2013 4:45 am

Post by kimbo » Thu May 15, 2014 9:41 am

:laugh: :laugh:

kimbo
The Chloelina All Natural Soap Co.
chloelina.com


Active Member

Posts

Joined
Thu Aug 29, 2013 10:02 pm

Post by beipink » Thu May 15, 2014 11:57 am

This is the best protection imho,
short after someone is found of selling illegal modules the website is reported in here and it's all over.

Active Member

Posts

Joined
Tue Mar 20, 2012 7:43 pm

Post by Daniel » Thu May 15, 2014 2:49 pm

You did me a big favour!

I tried tracking down who this guy is before and found this information:

Username: nszaby
Member Group: Member
First Name: Nagy
Last Name: Szabolcs
E-Mail: nszaby23@gmail.com
Telephone: 0040752231471
Address 1: str florilor nr 133
City: varsolt
Post Code: 457355
Country: Romania
Region / State: Salaj
PayPal: n_szaby@yahoo.com
IP: 77.81.147.230


Trying to sell the site:

http://bestblackhatforum.com/Thread-TRA ... hop-backup
[TRADE]Opencart mudule shop backup

03-22-2014, 08:34 PM (This post was last modified: 03-25-2014 01:07 AM by nszaby87.) Post: #1
nszaby87 Offline
SuperVIP LIFETIME
********
SuperVIP
Posts: 5,042
Joined: Oct 2013

Reputation: 0
[TRADE]Opencart mudule shop backup
I want to sel my Opencart Website {All file and complete shop includes}

Website : http://www.myopencart.info


Read more @ bestblackhatforum.com : [TRADE]Opencart mudule shop backup http://bestblackhatforum.com/Thread-TRA ... z2xazEWuwE
bestblackhatforum.com
also asking people on bestblackhatforum.com to hack opencart.com
12-27-2013, 01:00 PM (This post was last modified: 12-27-2013 03:31 PM by nszaby87.) Post: #1
nszaby87 Offline
Powindah
*
Prestige: 0
Posts: 1
Joined: Dec 2013
Reputation: 0
Please help me How to hack a website cpanel admin account (i like to buckup file and sql database )h ttp://www.opencart.com/ or http://starshiners.com/ (buckup file and sql database )reward 100$
Find Quote
12-27-2013, 01:39 PM Post: #2
logotipas9 Offline
Powindah
*
Prestige: 1
Posts: 22
Joined: Mar 2013
Reputation: 1
Sorry pal , but its not as easy as it looks like.

OpenCart®
Project Owner & Developer.
OpenCart commercial support now available!


User avatar
Administrator

Posts

Joined
Fri Nov 03, 2006 6:57 pm

User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by ksharlandjiev » Thu May 15, 2014 4:44 pm

Quick Google search reveal some information about this imbecile ...
Name: Nagy Szabolcs
Age: 26
Tweeter: @nszaby
Another email using by him: nszaby@freemail.hu

Daniel where did you get his phone number & address?
I have some friends in Romania, shall I send them to say Hello? :)

Power Image Manager | Multi Image uploader | Bulk Update Products to Categories | Bulk Update Orders
Image
NEW! Bulk add options | New! Bulk add attributes | NEW! Keep it Simple Checkout!


User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by Daniel » Fri May 16, 2014 3:50 am

i got his details because he signed up for a sellers account and started selling other peoples work.

send your friends round if they are willing to do this.

in some countries you would get your hands cut off for what this guy did.

OpenCart®
Project Owner & Developer.
OpenCart commercial support now available!


User avatar
Administrator

Posts

Joined
Fri Nov 03, 2006 6:57 pm

Post by kimbo » Fri May 16, 2014 4:09 am

Serves him right, the odious toad.

kimbo
The Chloelina All Natural Soap Co.
chloelina.com


Active Member

Posts

Joined
Thu Aug 29, 2013 10:02 pm

Post by Daniel » Fri May 16, 2014 2:10 pm


OpenCart®
Project Owner & Developer.
OpenCart commercial support now available!


User avatar
Administrator

Posts

Joined
Fri Nov 03, 2006 6:57 pm

Post by ksharlandjiev » Fri May 16, 2014 2:25 pm

So the guy got hacked, and he is now saying how BAD OpenCart is, and how good magento and ps are.
This is so pathetic..... :laugh: :laugh: :laugh:

If you love Magento & PS so much, start selling their modules on your website buddy! Or you are afraid they may kick your ass?

PS:
Thanks to the one who did this ;)

Power Image Manager | Multi Image uploader | Bulk Update Products to Categories | Bulk Update Orders
Image
NEW! Bulk add options | New! Bulk add attributes | NEW! Keep it Simple Checkout!


User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by ksharlandjiev » Wed May 21, 2014 3:02 am

Daniel,
Could you make a small API script which will accept OrderID, EmailAddress and return status of an order in opencart?
If you can do this, the other devs (including me) can implement some sort of verification during the installation of the modules?
This way we can prevent installation on multiple websites and module stealing.
Not a perfect solution, but something is better then nothing I believe.

Power Image Manager | Multi Image uploader | Bulk Update Products to Categories | Bulk Update Orders
Image
NEW! Bulk add options | New! Bulk add attributes | NEW! Keep it Simple Checkout!


User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by OSWorX » Wed May 21, 2014 4:42 pm

ksharlandjiev wrote:Daniel,
Could you make a small API script which will accept OrderID, EmailAddress and return status of an order in opencart?
If you can do this, the other devs (including me) can implement some sort of verification during the installation of the modules?
This way we can prevent installation on multiple websites and module stealing.
Not a perfect solution, but something is better then nothing I believe.
Well basically I think this should be not Daniels intention.
Why not building some by your own and embedd it into your commercial scripts?

If someone think that in the business world he can steal software you will not prevent that practice (MS-Win is only that popular because of the millions of pirated copies.

But what you can do is preventing updates and support - as I do if someone use my scripts.
I have some code in all of mine and it works perfectly.
If the copy is not authorized, the user will get no update and no support.
Btw. updates are done in my modules directly inside them after notification that there is a new version available.

The only way you may prevent installation on several domains etc. is to encrypt your scripts.
But this practise would break the GPL-License.

And do not forget: not all extensions are sold over the OC-Store!
So how should this script check any order-id which is unique of this store?

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by ksharlandjiev » Wed May 21, 2014 9:43 pm

I understand what you are saying, but all of my extensions has installation page. On this page the customer is required to enter his oc email and opencart order ID for validation purposes, but this is done manually now.
What I'm thinking is that we can automate this process easily.
My experience shows that more then 50% of the installation of our modules in more then one store - the customer is not aware (or at least they said so) of the terms & conditions and that the purchase is with 'single license only'. Most of them are purchasing new license if we made a contact and explain the situation, but as I said all of this is made manually.
If there is such an API script - which I strongly believe can be made in exactly 5 minutes, it will give all the developers the chance to verify Orders in real time, and by that to prevent more then one installation using same orderID, explaining the terms & conditions of OpenCart. Of course if someone wants to steal it this will not stop him, but as i said, there are a lot of good customers which are simply not aware (after all we all know how many of the customers really read the T&C).

Power Image Manager | Multi Image uploader | Bulk Update Products to Categories | Bulk Update Orders
Image
NEW! Bulk add options | New! Bulk add attributes | NEW! Keep it Simple Checkout!


User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by OSWorX » Wed May 21, 2014 9:58 pm

ksharlandjiev wrote:I understand what you are saying, but all of my extensions has installation page. On this page the customer is required to enter his oc email and opencart order ID for validation purposes, but this is done manually now.
What I'm thinking is that we can automate this process easily.
Again, this will work only for those purchases made over the OC-Store.
If bought somewhere (like most of my extension not selling over the OC-store), this API or check is useless.

And finally: if GPL-licensed you cannot restrict to install on only one (1) domain.
Or do you know more than I?

But your idea has potential.

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by ksharlandjiev » Wed May 21, 2014 10:02 pm

OSWorX wrote:
ksharlandjiev wrote:I understand what you are saying, but all of my extensions has installation page. On this page the customer is required to enter his oc email and opencart order ID for validation purposes, but this is done manually now.
What I'm thinking is that we can automate this process easily.
Again, this will work only for those purchases made over the OC-Store.
If bought somewhere (like most of my extension not selling over the OC-store), this API or check is useless.

And finally: if GPL-licensed you cannot restrict to install on only one (1) domain.
Or do you know more than I?

But your idea has potential.
If you are selling somewhere else, you will build another (if any) implementation checks.
GPL is GPL, but the Opencart terms and conditions during purchase says as follows:

By purchasing extensions / templates you agree to:

Use it for one website ONLY (sub-domains act as separate website), unless stated by the original developer. Written approval (or attached terms of use) must be obtained from the original owner of the work prior to the re-using.

Reselling the downloaded work is NOT ALLOWED, unless stated by the original developer. Written approval (or attached terms of use) must be obtained from the original owner of the work prior the reselling.

Copyrights removal is NOT ALLOWED, unless stated by the original developer. Written approval (or attached terms of use must) must be obtained from the original owner of the work prior to the removal.

Can't claim the downloaded work as your own, please respect the effort and time spent to accomplish this work.

In case of a defaulted downloaded work, you have the right to claim a full refund. Opencart team's verification must be in place prior to any refund action.
Unfortunately most of the customers doesn't read this.

Power Image Manager | Multi Image uploader | Bulk Update Products to Categories | Bulk Update Orders
Image
NEW! Bulk add options | New! Bulk add attributes | NEW! Keep it Simple Checkout!


User avatar
Active Member

Posts

Joined
Sun Oct 09, 2011 9:22 pm
Location - London, UK

Post by OSWorX » Wed May 21, 2014 11:22 pm

Nearly 8 years ago we at Joomla had a very tough discussion about what is allowed, not and what is commercial and not.
I know these terms here, but:

1. use it only for one website > not allowed (violating GPL)
2. Reselling > coverd by GPL
3. Copyrights > covered by GPL
4. Claiming work as own > covered by GPL

Why GPL?

OpenCart IS GPL-Licensed.
So every other script based on it has to be GPL or lesser.

Templates are another discussion (back to my first line).
Because they are including images, css, etc. and are NOT based on the OpenCart core scripts (while they may use it), they can be sold under another License where you may limit it to only one (1) domain.

What you could do (to use another license)?
Use a API (which OC does not have) and you can do what you want.

As an example look at that MijoShop (I personally do not like it very much).
Former published under AceShop and other names, they had to revert their license (use it on only one (1) domain) otherwise they will be eliminated from the JED (Joomla Extensions Directory).
AceShop was banned because if this reason.
Now they have a model of subscriptions (incl. support, updates, etc.) for 3, 6 and more months.

Finally another point is installing on subdomains (OC-Store License): all my extensions can be used for one (1) domain.
Including as many subdomains the user wants.
Updates - as written prior - are only available if they use a valid key which they got from me (if purchased with updates).
Otherwise they can pay further ...

Conclusion: using OpenCart and extensions are falling all under GPL.
No need to state that again (while it could be displayed or send by email to the buyer).

If someone else (see thread title) is offering an extension and claim money for it - under the hood of publishing it as his script - you can contact your laywer.
If someone else is offering that script for free (if unchanged) it is okay.
If someone else is offering that script and claim money for it, this could be for the service, for maintaining or for a reworked script.
If someone else is selling others templates, he is violating the license.

If am wrong, please correct me.

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by Adikon Team » Thu May 22, 2014 12:55 am

Kamen! you are so right! this will eliminate some of the stealings, if we can save so much with such a simple changes? why not?
sing me in :)
Daniel and OSWorX, guys, if we can stop some people from stealing our work, and protect our customers from infected files from an illegal source, why to not talk about it?
We are even ok to share some job with Kamen.
500 sales, 8000 DL and 4500 installations, make a calculation! we are losing a lot, as well as you! and we want OC to grow.
you can't ignore it :)
im not selling my extensions in any other place, and i can see more than 3 links to some other websites with "Premium Opencart Extensions" and i can show you some of this extensions are full of backdoors added not by us!!

OSWorX, please don't get me wrong, but this is your answer?
"Well basically I think this should be not Daniels intention.
Why not building some by your own and embedd it into your commercial scripts?"
Why something like this is not a not Daniels intention? this is His company, so if he will not protect OC, customers and us, who will be? if Kamen can come up with some simple solution, why to not try?!
and sorry if I'm getting you wrong, it can be just my english.
I'm sure that all of us will do the best for OC, but we have to work together.
all best
Leszek
Last edited by Adikon Team on Thu May 22, 2014 2:48 am, edited 1 time in total.

Newbie

Posts

Joined
Mon Sep 24, 2012 2:17 pm
Who is online

Users browsing this forum: No registered users and 2 guests