Post by OSWorX » Sun Jun 17, 2018 2:51 am

And the best on this module is:
WE USE ANTY-HACKING PROTECTION ionCube 10.0+.
Means while all Extensions have to be under the GNU/GPL, the code is encrypted.

So nobody knows exactly what this extension is doing under the hood?
Not very trustworthy.

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by IP_CAM » Mon Jun 18, 2018 6:18 am

all Extensions have to be under the GNU/GPL
Well, I am not so sure about this, especially when it comes to paid Custom Work,
and I have not found a written statement from OC, requiring this, anywhere, so far.

But strictly from the standpoint of a Dev, it's at least understandable, that one tries,
to keep one's work from beeing taken & re-used by others. Especially when it comes
to OC, the probably widest spread Darknet Code in the whole world.
And other Extensions exist, for some time already, requiring users, to add some Code,
to call external Servers, in order to function. So, where does it start, and where does it end !? 8)

But it looks very professionally, and it's all done very professionally, one could even
get the impression, to visit an 'official' OC Extension Site. And this would, if I would
care about, worry me more, than just a coded Mod... :laugh:

Just to make this go away from the unanswerred Section ... 8)
Ernie

Ernie's OpenCart v.1.5.6.5 LIGHT + V-Pro + OpenShop Admin v.1.75 Test Sites
http://www.bigmax.ch - http://www.opencart.li/shop/
Image


User avatar
Guru Member

Posts

Joined
Tue Mar 04, 2014 1:37 am
Location - Switzerland

Post by OSWorX » Mon Jun 18, 2018 2:10 pm

IP_CAM wrote:
Mon Jun 18, 2018 6:18 am
all Extensions have to be under the GNU/GPL
Well, I am not so sure about this, especially when it comes to paid Custom Work,
and I have not found a written statement from OC, requiring this, anywhere, so far.
As so many!
GNU/GPL defines clearly, that published code has to be 'source code', means not encrypted.
And if a software is delivered encrypted, the buyer has the right to receive the uncrypted code at any time.

Simply to understand - or not?

Paid or not.
Otherwise it is NOT a 'Open Source'.

But the key point is, as long as you cannot see inside the code, you will never know what it does exactly.
Calling home is usually at this time, e.g. asking for latest version, checking a possible license key.

But do you know if the module is not sending other data to somewhere??

That is the question.
And not 'stealing' any code.
If you need to encrypt your code, then there is something wrong with your business model.

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria
Who is online

Users browsing this forum: No registered users and 5 guests