Logos and the piracy battle.

Page 1 of 4 (78 items) 1 2 3 4 Next >
This post has 77 Replies | 0 Followers

Posts 8
Filadelfia Vennesla | Forum Activity | Posted: Sun, Apr 4 2010 11:57 AM

Hi Guys.

I'm wondering: why do Logos allow people to download ANY files at all through FTP? Why are not all resources, logos itself and everything else completely locked-down and protected through hashing, salting, SHA1 and you-name-it?

I know downloading the resources itself won't give you access to anything, but you are still giving the hackers an open hand by not protecting them, as that gives everyone who wants to crack this software an easy way of accessing the files. All they would need are the license file and the whole system is broken, 'cause the resource files themselves can be easily downloaded from your FTPs by anyone without any protection at all. Also, it consumes A LOT of bandwith. You are in a way hosting the files for the hackers..

All resources should be tied to a users computer the same way windows is tied to a users hardware (and music, videos etc to an itunes account), and they should also be password protected though salting and hashing so that no resources would be generic anymore, but tied to a user specifically. That way, in order for a resource to work in logos, it would first have to be verified against your logos account to see if you are entitled to that resource, then logos would check your lisence file to see if you where allowed to use the resource, then logos would check to see if the computer you use logos on is a valid computer, and if any of these steps failed, you would not be getting the resource at all.

And no hotlinking to resources through FTP. This way no one can download the files as they would have to be shared through some kind of file sharing service, or through torrents. All of them being time consuming and resource consuming ways to get the files, thus preventing the spread of them. And if the resources themselves also were tied to a users account, downloading them from some illegal place would make no sense as the hardware signature wouldn't match, and thus making more problems for them.


Now, the only thing you would need to add, is a way for users to reset their computer lock-downs from time to time, and also set a max amount of computers logos and it's resources could be tied to.

 

Just my 2 cents on the issue.

Chris

Posts 6484
Forum MVP
Lynden Williams | Forum Activity | Replied: Sun, Apr 4 2010 1:06 PM

I am not familiar with all of the techniques that you mentioned Chris, but you seem to be on the right track, when you mentioned tying it to the users computer. Presently Logos allows you to install the software to as many computers that you own/use. Limiting it to three or four seems more than fair to me.

That way pirating the software will be greatly reduced. With the way it is now, it is easier to pirate than L3.

Everything ever written in Religion and Theology formatted for Logos Bible Software.Logos Youtube Channel

Posts 18712
Rosie Perera | Forum Activity | Replied: Sun, Apr 4 2010 1:16 PM

Lynden Williams:

I am not familiar with all of the techniques that you mentioned Chris, but you seem to be on the right track, when you mentioned tying it to the users computer. Presently Logos allows you to install the software to as many computers that you own/use. Limiting it to three or four seems more than fair to me.

That way pirating the software will be greatly reduced. With the way it is now, it is easier to pirate than L3.

It's actually harder in L4 to steal products than it was in L3. The only files that are downloadable via FTP are the Libronix files, but things made for L4 are only downloadable from within the software. I'm sure hackers could steal stuff it if they really wanted to. Logos has not put a huge effort into fighting piracy. I suppose they figure if someone wants to steal the Bible and resources useful for studying it, they probably need it more than Logos needs the money. Maybe they will be convicted by the "thou shalt not steal" part...

Posts 168
Bill Gordon | Forum Activity | Replied: Sun, Apr 4 2010 1:19 PM

I doubt if piracy is that big a problem for Logos. People that want the type of books sold by Logos don't tend to be priates. Of course, I did have a Bible stolen once, so I might be wrong.

Posts 2693
DominicM | Forum Activity | Replied: Sun, Apr 4 2010 1:20 PM

Logos EULA is very generous, but I think your concerns are ill founded. Piracy is dead, (well amost) no Logos 4 books are on the FTP server, they are elsewhere.. :D

Logos took a huge step forward in this ( to annoyance of some users) when designing L4

All books are verified against your Logos Logon when the program starts. 

 

Never Deprive Anyone of Hope.. It Might Be ALL They Have

Posts 2736
Bohuslav Wojnar | Forum Activity | Replied: Sun, Apr 4 2010 1:23 PM

Lynden Williams:

I am not familiar with all of the techniques that you mentioned Chris, but you seem to be on the right track, when you mentioned tying it to the users computer. Presently Logos allows you to install the software to as many computers that you own/use. Limiting it to three or four seems more than fair to me.

That way pirating the software will be greatly reduced. With the way it is now, it is easier to pirate than L3.

You really think one person can use more than 3 or 4 computers? I think the limit is given clearly by one owner of the license. If you use one computer, your limit is one copy of the software. If you use 3 computers, your limit is 3. Looks very practical to me. The protection of the Logos 4 seems more sophisticated to me than Libronix 3. But I am not an expert.

Bohuslav

Posts 6484
Forum MVP
Lynden Williams | Forum Activity | Replied: Sun, Apr 4 2010 1:29 PM

The problem comes in with persons who decide to make money off the software. Consider the process used to verify ownership of the software. In the same way I can login on one computer, that information could easily be shared with several people.

I vote for tying it in to the hardware, and limiting it to four or less computers.

Bob P. has talked about individuals going around on Seminary campuses installing the software on others computers for a price.

Everything ever written in Religion and Theology formatted for Logos Bible Software.Logos Youtube Channel

Posts 18712
Rosie Perera | Forum Activity | Replied: Sun, Apr 4 2010 1:30 PM

But one person can be logged on to Logos on more than one computer simultaneously (I do it all the time on my desktop and laptop side-by-side)? What is to keep people from giving their logon account and password to a bunch of friends? I suppose the fear that those friends might log on to your Logos account and buy books which would get charged to your credit card is the only protection. Or is there something else? Again, I don't think Logos is particularly worried about this scenario. I think they've been doing very well selling plenty of legitimate copies of it to cover their losses if a few people cheat the system. And the more people have access to God's Word and the means of studying it in depth, the better.

Posts 2736
Bohuslav Wojnar | Forum Activity | Replied: Sun, Apr 4 2010 1:42 PM

Rosie, I think mainly what should stop person from giving it to anybody else is he would constantly mess up the owners synced stuff. Of course that is next to the conscience issue, which should be the first in any case, but that's obvious.

Bohuslav

Posts 25045
Forum MVP
Dave Hooton | Forum Activity | Replied: Sun, Apr 4 2010 2:48 PM

Lynden Williams:

I vote for tying it in to the hardware, and limiting it to four or less computers.

Your best security is a none-trivial account password (at least 12 characters) and not telling or giving it to anybody, because you will pay for any purchases made to that account if it contains your credit card details. The number of computers might be Logos' best security but pray they don't use it because you could be limited to 2 with only one installation per computer!

 

Dave
===

Windows & Android

Posts 218
John Nerdue | Forum Activity | Replied: Sun, Apr 4 2010 2:56 PM

I had a problem with L4 and was on the phone for about 3 hours with tech support and we got to talking about this issue. He said they were able to see if there were multiple computers using your id and password at once and said they could do something about it if they saw 6 computers in different areas all logged on at once.

Was this correct information? I don't know but I take the tech at his word.

Posts 25045
Forum MVP
Dave Hooton | Forum Activity | Replied: Sun, Apr 4 2010 3:10 PM

James Chaisson:
Was this correct information? I don't know but I take the tech at his word.

It is information they can obtain very easily and they would know how many installations were on one computer!

Dave
===

Windows & Android

Posts 201
Garrett Ho | Forum Activity | Replied: Sun, Apr 4 2010 3:11 PM

It should be true. They can trace the IP address to see the general (or specific, depending on how far they take it) location that it is being used.

I concur with the above posters. Logos 4 is a lot more secure than Libronix. It is not difficult for people to load up another's license file in Libronix. There was a good blog post on this topic a while ago, and I appreciate the steps Logos has taken to improve security while at the same time not making it overly cumbersome for its users.

Posts 2736
Bohuslav Wojnar | Forum Activity | Replied: Sun, Apr 4 2010 3:14 PM

James Chaisson:

I had a problem with L4 and was on the phone for about 3 hours with tech support and we got to talking about this issue. He said they were able to see if there were multiple computers using your id and password at once and said they could do something about it if they saw 6 computers in different areas all logged on at once.

Was this correct information? I don't know but I take the tech at his word.

Sounds logical. In case somebody would break in your account and you would notice strange changes in your synced documents, I think Logos should be able to find out how many computers use your account. Then the change of your password should stop the illegal users from exploiting of your account. Am I right?

Bohuslav

Posts 3163
Dominick Sela | Forum Activity | Replied: Sun, Apr 4 2010 3:22 PM

I don't see how people could share a logon id, with everything syncing on the Logos server you would be tripping over each other like crazy. Just image 2 or 3 of us having our accounts sync to each other, it would be a nightmare.

Posts 25045
Forum MVP
Dave Hooton | Forum Activity | Replied: Sun, Apr 4 2010 3:45 PM

Dominick Sela:
I don't see how people could share a logon id, with everything syncing on the Logos server you would be tripping over each other like crazy.

What is your point, Dominick. 3 people and one logon id is a violation of the EULA whilst 1 people with 3 logon's (same logon id) is not! But that is difficult for Logos to know, even if three people are "tripping over each other"!

Dave
===

Windows & Android

Posts 8967
RIP
Matthew C Jones | Forum Activity | Replied: Sun, Apr 4 2010 4:17 PM

James Chaisson:
Was this correct information? I don't know but I take the tech at his word.

He only touched the surface of the security layers inherent in the design of Logos 4. To help keep tempted users honest, consider these:
1) Logos has privy to what ISP you log in from.
2) Logos can find your specific address you log in from if they need to.
3) Each computer that logs in has a MAC address built into the hardware (Media Access Controller). It is like an individual electronic fingerprint, if you will. Even if you can clone the chip like Kevin Mitnick, you will get caught.
5) Logos can log multiple computers signing in to your account and what geographical areas they are in.
6) Logos can disable your licenses, or your account access, or destroy your installation if they choose whenever you log in.
7) Logos could have a "time-bomb" hidden in your installation that disables an "orphan" installation after a set period if you are trying to fly below the radar by avoiding synching with the servers.
8) God is watching your every move, and thought, and ...

With Logos 4 the future looks very secure.

Logos 7 Collectors Edition

Posts 2724
Kevin A. Purcell | Forum Activity | Replied: Sun, Apr 4 2010 4:26 PM

Bill Gordon:

I doubt if piracy is that big a problem for Logos. People that want the type of books sold by Logos don't tend to be priates. Of course, I did have a Bible stolen once, so I might be wrong.

You'd be surprised at how much this is an issue. There is a web site devoted to stealing Logos and other Christian digital media content. I was made aware of it when asked to do an article about it. I have not yet done the article, but am thinking about it.

Posts 3163
Dominick Sela | Forum Activity | Replied: Sun, Apr 4 2010 4:29 PM

Dave Hooton:

Dominick Sela:
I don't see how people could share a logon id, with everything syncing on the Logos server you would be tripping over each other like crazy.

What is your point, Dominick. 3 people and one logon id is a violation of the EULA whilst 1 people with 3 logon's (same logon id) is not! But that is difficult for Logos to know, even if three people are "tripping over each other"!

My point is that even though it is a violation of the EULA the practicality of actually doing work in that state of violation is a more severe impediment.  IMHO it would not be worth Logos' while to spend any cycles worrying about it, given the architecture they now have.

Posts 6484
Forum MVP
Lynden Williams | Forum Activity | Replied: Sun, Apr 4 2010 4:29 PM

James Chaisson:

I had a problem with L4 and was on the phone for about 3 hours with tech support and we got to talking about this issue. He said they were able to see if there were multiple computers using your id and password at once and said they could do something about it if they saw 6 computers in different areas all logged on at once.

Glad to know that they are on top of it.

 

Everything ever written in Religion and Theology formatted for Logos Bible Software.Logos Youtube Channel

Page 1 of 4 (78 items) 1 2 3 4 Next > | RSS