Announcement

Collapse
No announcement yet.

Invision Power decides to encode IP.Nexus without prior notice

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by carntheroos4eva View Post
    Pity that many people will probably turn away from it.
    That is a great possibility.


    vB5 is unequivocally the best forum software, but not yet...

    Comment


    • #17
      Is the data from Nexus stored in the database or file system encrypted or just plain text?

      Comment


      • #18
        Originally posted by Floris View Post
        Is the data from Nexus stored in the database or file system encrypted or just plain text?
        As I understand it on ips sites it is unencrypted stored in the db.
        .......

        Comment


        • #19
          About everything vb and everything IPB is released nulled, soon after IB or IPB or any addon coder releases it. Its a major issue for commercial coders.
          I can surely understand that IPB wants to encode this product. Its not forum software, but financial/ecommerce software.

          Another issue is that crappy addons can have disastrous effects. Its not like forum addons where at worst your site slows down, your site goes down or is hacked. Worst case scenario: you have to restore a backup.

          With ecommerce software you risk fraud, financial crime and hackers have major commercial gain. Worst case scenario: pissed customers, getting banned from Payment Service Providers, police investigation and major financial damage.

          So there is much to be said for encoding it.

          On the other hand, I would want to be able to modify the code and would be extremely disappointed if I bought encoded software without knowing.
          I buy 420 forums

          Comment


          • #20
            http://files.zend.com/help/Zend-Guard/obfuscation.htm
            My Forums: The Geek District - Off Topic Hut
            My Blog: Mikeylicious
            Projects: Shorten URL's with kwn.me

            Comment


            • #21
              Originally posted by Lojo View Post
              As many may know Invision Power the developers for IP.Board developed a new product add-on for IP.Board which is called IP.Nexus. On July 26, 2010 they had their first pre-sale for IP.Nexus which you can view here.

              They then announced a second pre-sale on August 9, 2010. Today they finally announced the release of IP.Nexus.

              The problem is they decided to encode the new IP.Nexus product, so every who purchased IP.Nexus got screwed as Invision Power did not tell their customers that the new product add-on would be encoded.

              My respect for Invision Power is now gone.
              And with this, Invision have ensured that I will not even consider them for anything I ever do, either on my existing site or in the future.

              Only vB or XF will be considered going forward, and of course XF is still beta so would only be used after Gold.
              MARK.B | vBULLETIN SUPPORT

              TalkNewsUK - My vBulletin 5.5.2 Demo
              AdminAmmo - My Cloud Demo

              Comment


              • #22
                Originally posted by FreshFroot_ View Post
                How are they protecting their product. It is already protected, when someone reports their site.

                This just makes things worse, and hackers will decode it. hackers love this type of thing. I remember ccms did this for their software. Afterwards they encoded it with ioncube. It was then decoded by a hacker and then all over the internet. You can't stop true piracy, you can bring it down. But the truth is it won't be stopped. It's just like criminals. You can't catch them all, but you can cut the amount down. Encoding just has more cons than pros.

                If your worried about piracy, then just have a reporting section.

                Encoding kills mainly because if that company ever goes under or has server problems. Then the software calling home or matching license #'s etc.. Will not work and then your software will lock or shutdown. I had this when I got RPG Inferno for vB. The server and company left, and I was stuck with a product, that didn't work because it didn't have a server to call home to verify it's license every week or set time. Nor could I edit it, because the software I paid for was encoded. So I was out of $200 for software I was promised would last for a long time.

                Overall, there are just many more down sides for users. Sure a business may not care, there are no downsides besides losing members.

                Look at vBseo, they had to stop encoding too. Other competitors came in and had unencoded software like nuSEO.

                The worst part as I stated earlier is the fact that they did this without notifiying the customers in advance. Or giving them a refund if they don't agree to the new terms.
                It's not piracy the main reason for encoding. We're talking about a product which is responsible for payments, a very delicate subject. See also the reply from ipb regarding this

                We chose to encode it to maintain security of features that we add to Nexus as it develops over time. It is important to keep things dealing with finances as secure as possible and this is just another step we can take to maintain as high a level of security as possible. Shared hosting can still run encoded software - it is actually quite common to see encoded scripts out there particularly in the business marketplace.

                http://community.invisionpower.com/t...with-zenguard/


                Also as a last word

                Zend Guard encoded files can be opened by any server with Zend Optimizer compiled into PHP. It is freely available, and is common on most shared hosts. If your server has cPanel on it, it's a just a tickbox in EasyApache.

                Comment


                • #23
                  Originally posted by Ramsesx View Post
                  As I understand it on ips sites it is unencrypted stored in the db.
                  So to protect the data, they're encrypting the software.

                  Sounds like completely useless then. Hackers just focus on the os, web services, mysql itself - instead of trying to escalate privileges through .php code flaws.

                  Comment


                  • #24
                    Originally posted by Mark.B View Post
                    And with this, Invision have ensured that I will not even consider them for anything I ever do, either on my existing site or in the future.

                    Only vB or XF will be considered going forward, and of course XF is still beta so would only be used after Gold.
                    Who knows, if they like the feedback and results from it, they do the same to their forum software or anything else - or shelve it like that other product. It's like vBulletin; can be changed at any time.

                    Comment


                    • #25
                      Originally posted by ManagerJosh View Post
                      I'm not sure how encoding programming code achieves PCI compliance
                      Well, it does cover them from any responsibility if someone using the software in a PCI compliant zone, having edited the files, causing issues with the compliance.
                      Shamil Nunhuck, - Radon Systems Ltd.
                      VPS + Dedicated Server Hosting and Management
                      vBulletin Hosting and Services
                      Server / Website Consultation

                      Comment


                      • #26
                        You guys still don't get it. YOU CANNOT ENCODE SOFTWARE and THINK it will be safe. I guarantee you within 1 yr someone will DECODE the software's encryption and have the full source code.

                        I understand a new way of WHY they are encoding now. It makes sense if it's an ecom site and utilizes payments etc.. BUT, encoding software doesn't prove that it will be safe. Everyone seems to be forgetting the point. NOTHING is ever safe.

                        I majored in a security program, so I know this and I can't stand to laugh when people bring up encoding and how it will save their scripts. The fact is it won't. It will only buy IPB some time. Encoding = a cat and mouse game or cops and robbers. It's a never ending circle and for anyone to think it's 100% full proof. Well they are wrong.

                        Anything can be bypassed if you know how it is made.

                        Anyways I stated earlier.. I won't be touching IPB at all.

                        XF or vB is going to be my move unless something new pops up.

                        Vanilla forums seems to be doing well these days.

                        Comment


                        • #27
                          anybody remember vbseo
                          lol

                          Comment


                          • #28
                            Originally posted by Floris View Post
                            anybody remember vbseo
                            lol
                            If it wasn't for nuSEO, vBSEO would never have unencoded their software.

                            I tested vBSEO with it being encoded in ioncube and later when they didn't encode it anymore. There was quite a large difference in performance. That is even though they kept insisting that it would not effect the performance. I suppose they have to lie to sell their product. And I bet you anything they were stealing data from users forums eg. marketing/stats data. Since it was encoded we can't see what is happening.

                            it's too bad the creator of nuSEO vanished. He had some amazing products and had vBSEO working for their money.

                            Comment


                            • #29
                              They are offering refunds for anyone who can't/does not want to use the encoded version

                              Comment


                              • #30
                                I saw this, and even posted about it on my own forum. I can't believe they didn't tell their customers beforehand (buying it). That it was encoded. Pretty shocking I thought that they should pull such a sly stunt as that! And what are they doing anyway, starting encoding a product in the first place?

                                Originally posted by FreshFroot_ View Post
                                If it wasn't for nuSEO, vBSEO would never have unencoded their software.

                                I tested vBSEO with it being encoded in ioncube and later when they didn't encode it anymore. There was quite a large difference in performance. That is even though they kept insisting that it would not effect the performance. I suppose they have to lie to sell their product. And I bet you anything they were stealing data from users forums eg. marketing/stats data. Since it was encoded we can't see what is happening.

                                it's too bad the creator of nuSEO vanished. He had some amazing products and had vBSEO working for their money.
                                To be honest, I don't think it had so much to do with nuSEO. More the fact people didn't want to use it because it was encoded. They was loosing sales they could have been getting had it not been.

                                Hence why they probably decided to remove the encoding later on to try and capture more missed sales. People are generally just wary about using encoded software, and it doesn't play well with many Shared Hosts either. It effects site performance (like you mentioned), but also leaves people stuffed if they want to try and change certain things to suit their own site.

                                I expect IPB will remove it, sooner rather than later once they see people in general won't use it encoded.
                                Last edited by MRGTB; Sun 7th Nov '10, 5:39am.

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X