[Vtigercrm-developers] Fwd: Re: vtiger > Market place module protection (was: joomla articles)

Vic Cekvenich vic.cvc at gmx.com
Sun Aug 17 22:07:13 GMT 2014 


-------- Original Message --------
Subject: 	Re: [Vtigercrm-developers] vtiger > Market place module 
protection (was: joomla articles)
Date: 	Mon, 11 Aug 2014 07:11:37 +0000
From: 	Zebra Hosting <support at zebrahosting.eu>
Reply-To: 	vtigercrm-developers at lists.vtigercrm.com
To: 	vtigercrm-developers at lists.vtigercrm.com 
<vtigercrm-developers at lists.vtigercrm.com>



Dear Screenivas,

Thanks for your explanation, (although I had those reasons also figured 
out). They are logical and make sense from vTiger point of view.
 From a hosting company point of view it will be a bit different. Guess 
we will have to advice people to run vTiger from their own VM if they 
want to use the marketplace.
Seriously increasing their costs from standard hosting. Lets see if they 
think it is worth it.

Remains the overal discussion how people protect their modules now 
outside the marketplace and if there is something to learn from that 
process.

Bastiaan Houtkooper
Zebra Hosting




> On 11 aug. 2014, at 07:02, Sreenivas Kanumuru <svk at vtiger.com 
> <mailto:svk at vtiger.com>> wrote:
>
> Bastiaan, Thanks for sharing your feedback.
>
> We considered using IonCube or ZendGuard. However, we didn't proceed 
> because of the following concerns.
>
>  1. Each extension developer has to purchase the Encoder ($400 to
>     $800) and pay additional support fees.
>  2. On the same MAC address we can have multiple copies of Vtiger. So,
>     the standard MAC address based restriction would not work.
>  3. Developer has to encode before submitting to Vtiger. (with our
>     loader, developer has to click a checbox to encrypt - nothing else)
>  4. IonCube doesn't work with APC. (reference
>     <http://www.google.com/url?q=http%3A%2F%2Fstackoverflow.com%2Fquestions%2F3828845%2Fare-apc-and-ioncube-fully-compatible&sa=D&sntz=1&usg=AFQjCNHp3GMEh17QElm2gKVseSMDmNQGnw>)
>
>
> We needed more flexibility, and wanted to make it easier and less 
> expensive for developers. So, we invested the time into developing the 
> Vtiger Loader as an alternative to  IonCube / ZendGuard / SourceGuardian.
>
> Regards,
> Sreenivas
>
> On Mon, Aug 11, 2014 at 2:42 AM, Zebra Hosting 
> <support at zebrahosting.eu <mailto:support at zebrahosting.eu>> wrote:
>
>     Creating a new subject to avoid hijacking Andrews thread.
>
>
>     Prasad, as mentioned earlier we are not going to use the vTiger
>     market place extension on our servers for security reasons and I
>     assume more companies will think the same way.
>
>     That leaves the option for those companies to install modules via
>     de manual install but the modules will not be encrypted and easy
>     to copy (correct me if I am wrong)
>
>     I haven’t been checking what could be an alternative option but
>     would love to hear suggestions and experience how people protect
>     their vTiger modules.
>
>     Ioncube has been a standard way but I am not sure how it plays
>     with the marketplace.
>
>     Would it be possible to add a modules to the marketplace with a
>     3rd party encryption like ioncube?
>
>     I really hope you guys find a way to make the market place work
>     with some form of security but without the mandatory extra
>     extension install. That would solve most issues (and end this
>     discussion)
>
>
>     Bastiaan Houtkooper
>     Zebra Hosting
>
>
>
>
>
>
>>     On 10 aug. 2014, at 20:28, Prasad <prasad at vtiger.com
>>     <mailto:prasad at vtiger.com>> wrote:
>>
>>     If you are not choosing source-protection for your extension on
>>     marketplace. When customer downloads the file it would not be
>>     altered. This would mean the code you had submitted (raw /
>>     encrypted) would be sent over.
>>
>>     I assume you would submit the code with 3rd party protection if
>>     you have already have the licensed copy of those application.
>>
>>     Could you please share more details on the confusion.
>>
>>     Regards,
>>     Prasad
>>
>>     *Connect with us on: *Twitter <http://twitter.com/vtigercrm> *I*
>>     Facebook
>>     <http://www.facebook.com/pages/vtiger/226866697333578?sk=wall>
>>     *I* Blog <https://blogs.vtiger.com/>* I* Wiki
>>     <http://wiki.vtiger.com/index.php/Main_Page> *I *Forums
>>     <https://discussions.vtiger.com/>*I* Website
>>     <https://www.vtiger.com/>
>>
>>
>>     On Sun, Aug 10, 2014 at 3:49 PM, Zebra Hosting
>>     <support at zebrahosting.eu <mailto:support at zebrahosting.eu>> wrote:
>>
>>         But than the source is unprotected.
>>         I would like to see (as mentioned by others) a common way
>>         like ioncube, to protect the source. I like the idea to
>>         support the market, I like the idea of bringing in modules
>>         but it needs a decent protection without extra libs.
>>
>>         Bastiaan Houtkooper
>>         Zebra Hosting
>>
>>
>>
>>>         On 10 aug. 2014, at 12:04, Prasad <prasad at vtiger.com
>>>         <mailto:prasad at vtiger.com>> wrote:
>>>
>>>         Bastiaan,
>>>
>>>         You can list the extension on marketplace for free and
>>>         opt-out source protection.
>>>         Customers will be able to use the same on CRM without need
>>>         of "exotic drivers".
>>>
>>>         Regards,
>>>         Prasad
>>
>
>
>     _______________________________________________
>     http://www.vtiger.com/
>
>
> _______________________________________________
> http://www.vtiger.com/

-------------- next part --------------
_______________________________________________
http://www.vtiger.com/

More information about the vtigercrm-developers mailing list