personal key

General discussion about the development of the open source Blender

Moderators: jesterKing, stiv

Statik
Posts: 0
Joined: Fri Apr 16, 2004 2:05 pm
Location: Nova Scotia Canada
Contact:

Post by Statik »

All you want is an executable, produced by blender, that runs by itself when your customer/user runs it (in windows, or linux, or whatever it's designed for). AND you want blender to ask for a password if someone tries to open that EXE in blender. That's it. Now if that someone wants to open the exe in a hex-editor and pull the key out, or whatever, the copyright isn't going to stop them either. You just want the casual hacker to be met with the password block.

Again, if blender is looking for a password that it MD5 hashes and compares to the MD5 hash in the file, it's that much more difficult for the hacker to open the file becuase he'd have to change how blender works to get it to accept the hash, or he'd have to hex-edit the file to delete the hash and unprotect the file. Either way, it's just basic protection to stop the casual hacker.

Statik

z3r0_d
Posts: 289
Joined: Wed Oct 16, 2002 2:38 am
Contact:

Post by z3r0_d »

Statik wrote:Again, if blender is looking for a password that it MD5 hashes and compares to the MD5 hash in the file, it's that much more difficult for the hacker to open the file becuase he'd have to change how blender works to get it to accept the hash, or he'd have to hex-edit the file to delete the hash and unprotect the file. Either way, it's just basic protection to stop the casual hacker.

Statik
(emphasis mine)

that would probably be very easy

it is trivial to download the blender source
and compile it

finding the files that load .blend files isn't hard
and changing them wouldn't be (unless obfuscated which open source code shouldn't be) isn't hard either.

kAinStein
Posts: 63
Joined: Wed Oct 16, 2002 3:08 pm

Post by kAinStein »

z3r0_d wrote: that would probably be very easy

it is trivial to download the blender source
and compile it

finding the files that load .blend files isn't hard
and changing them wouldn't be (unless obfuscated which open source code shouldn't be) isn't hard either.
Especially if you've already got code that can load the (packed) .blend successfully. Im my opinion there are more things that should be done instead of putting any effort in this topic...

Doc_Holiday
Posts: 2
Joined: Sat Jul 05, 2003 1:03 am
Contact:

Post by Doc_Holiday »

Sorry, but i don't understand this Discussion. Blender is Open-Source, right! But the Things the Users make with, are NOT! Nobody have the Rights to say: "Your Stuff is Open-Source!", besides the Author of it.
So, come out with the Key-Making Tool and let the Authos self decide which of his Work is free to the Community and which not.

Hm ... isn't this Tool a Part of the "Open-Source Project Blender"?
Doc

z3r0_d
Posts: 289
Joined: Wed Oct 16, 2002 2:38 am
Contact:

Post by z3r0_d »

Doc_Holiday wrote:Sorry, but i don't understand this Discussion. Blender is Open-Source, right! But the Things the Users make with, are NOT!

....


So, come out with the Key-Making Tool and let the Authos self decide which of his Work is free to the Community and which not.
problem is that because blender is open source, such a capibility would be bypassed IN SECONDS, it is not that there is a decision not to, it is that there is no reasonable way to.
Doc_Holiday wrote:Nobody have the Rights to say: "Your Stuff is Open-Source!", besides the Author of it.
.blend files are copyrighted like anything else, regardless of the implication of no locking mechanisim.

it would also be bad to present a locking mechanism as secure (think: the password protection of zip and word files, it simply isn't perfect, it only gets in the way of people trying to casually get into things but anyone willing to spend SECONDS [probably closer to 20 than 2] on the topic can find cracking tools very easily)

celeriac
Posts: 0
Joined: Fri Feb 21, 2003 11:31 pm
Contact:

Post by celeriac »

Blender HAS got a key-generation tool - under the money-generation sub-menu: Game>Licensing>Key-Generation>Money>Give me money>Give me free money>Lots of totally free money>Generate money. Make sure to tick the 'at no cost to myself' box.

bfvietnam
Posts: 0
Joined: Wed Apr 21, 2004 8:54 pm

Commercial work on open source is not evil.

Post by bfvietnam »

Open source applications are designed to be free, but there is nothing that should bind the user to creating works that are free. Sure some users might see this as a problem, because they want to access everything.. But if you want to make a living using blender, you need assurance of knowing your work is protected. For any kind of digital content this is nearly impossible to have 100% assurance, maybe 99.99%, because data in computer memory is always accessible, its a matter of upholding a policy that no casual user can get access to the data in memory or on disk. Its nearly impossible to keep this from happening.. Applications written for Windows are protected in that nobody would waste time decoding machine code back into the original C source, but fundamentally !!!ALL!!! software is open source by mechanism, its just a matter of how much time you are willing to waste to get at it the meaning of the code. Open source could be made unreasonably complex and this is almost the same as releasing a closed source application (apply a C source obfuscator that rips out the comment code). Some of the users I'm willing to bet, that are probably arguing this point more about futility of data/code security, are the same ones whose "attention span" are so short they would not even bother to backward engineer an application to obtain the "so called" proprietary algorithms and such. They feare more than anything the unecessary overcomplication of software and the lack of control over every inch of what they have on their machine.

To make money with software and data files, it relies on making backward engineering hard, or unprofitable, boring.. Sure someone could backward engineer one file of blender turned executable, but would it be possible to ensure that everytime the hacker wants to backward engineer one of these files, he is forced to waste a lot of time fuddling around with the bytes and word orderings.. I mean would he rather have a life or do that? Its when the process can be engineered to work in seconds, that the potential of using blender as a platform for commercial interactive web work become pointless. Some users don't want that, perhaps the ones who have a fast line and download stuff all day on kazaa, who have no interest in paying for anything. Its a free world, you can pay for what you want, but don't try to enforce it so that nobody can make money.. You probably wouldn't be here today if your parents hadn't been able to make the money to feed you. Think about it sometime..

ITs not impossible though to say deliver with every download a new decryption key with the content, then to include a serial code with every file. The serial code would help track you, adn teh asymmetric descryption key would verify that the content came from me. So if you decide to copy and pass the program out to your friends, until you realize the location of the serial code, maybe a few of yoru friends will have passed the file around enough, then it comes back to me, I can then query my database, and recall who paid for the program, where they live.. Of course the nay sayers will say, we can do this or that.. I know, but if enough people do things like this, you will have to pick your battles, you won't be able to hack everything under the sun, nor would you want to waste time doing it.. That's what people who want to make money with software and online content really want, to make their content easier to sell and harder to modify. The harder it is to modify, the smaller the distribution of anti=products.. Not to say they won't exist, they just will be less prevalent.

jm
Posts: 0
Joined: Mon Aug 25, 2003 11:31 am
Contact:

Post by jm »

RE:bfvietnam
Thank you!

jm

Apollux
Posts: 0
Joined: Sun Mar 02, 2003 4:27 am
Location: Santo Domingo, Dominican Republic

Post by Apollux »

If you REALLY are planning to make money with Blender and you think that you REALLY need to have some sort of encription, then by all means, download the source and hire an independent programmer to code it ONLY FOR YOU. Consider it as a start-up investment for your business.

But certainly don' t wait for it to happend on the public-available version, it just ain' t gonna happend for the many reasons previously exposed.

MadMesh
Posts: 0
Joined: Wed Mar 17, 2004 1:50 pm
Location: The Netherlands

Post by MadMesh »

Apollux wrote:download the source and hire an independent programmer to code it ONLY FOR YOU.
If you do that you still wont be able to create on-line games that play in the plug-in, it wil only work for executables. There has to be only one version of the blender plugin or else it is pretty pointless.

The encryption part in the source code should only be available to the Blender Foundation and locked of to the public (i dont know if this is possible). The blender foundation creates official binairies of blender and the plugin, only these binairies should contain the encryption data. I'm not a programmer so i dont know if this is possible to do or not but i do think blender should have protected files if you want to create commercial work.

Simply trusting people to respect your copyright doesnt sound like a solution to me. Copyrights can be tricky, if you change a model or a texture slightly it wil already be difficult to do anything about it. It doesnt have to be a perfect protection just enought to take away the temptation to simply "borrow" a piece of code or a model. Leaving it al wide open wil make it very difficult for an artist to explain to a paying client that the content of the game can easily be "ripped".

Just my 2 cents
MadMesh

theeth
Posts: 500
Joined: Wed Oct 16, 2002 5:47 am
Location: Montreal
Contact:

Post by theeth »

MadMesh wrote:The encryption part in the source code should only be available to the Blender Foundation and locked of to the public (i dont know if this is possible).
That's not possible due to the GPL.

Martin
Life is what happens to you when you're busy making other plans.
- John Lennon

bfvietnam
Posts: 0
Joined: Wed Apr 21, 2004 8:54 pm

Hmmm

Post by bfvietnam »

Its also possible I think, to purchase a special license of blender for commercial derivative work.. Is anyone buying into that yet? Certainly I'd love to see a blender controlled crane operator, at least more stable than using Windows CE.. Ha!

z3r0_d
Posts: 289
Joined: Wed Oct 16, 2002 2:38 am
Contact:

Post by z3r0_d »

MadMesh wrote:The encryption part in the source code should only be available to the Blender Foundation and locked of to the public (i dont know if this is possible). The blender foundation creates official binairies of blender and the plugin, only these binairies should contain the encryption data. I'm not a programmer so i dont know if this is possible to do or not but i do think blender should have protected files if you want to create commercial work.

Simply trusting people to respect your copyright doesnt sound like a solution to me. Copyrights can be tricky, if you change a model or a texture slightly it wil already be difficult to do anything about it. It doesnt have to be a perfect protection just enought to take away the temptation to simply "borrow" a piece of code or a model. Leaving it al wide open wil make it very difficult for an artist to explain to a paying client that the content of the game can easily be "ripped".

Just my 2 cents
MadMesh
actually that sounds the most feasable of anything else mentioned

sure it would keep us that compile from cvs from getting to open those files (are we simply going to have a locked option, and no signed option?), and it could probably be broken (though slower if than the source being avalible)

so, umm, $50 dollars US for a key, no other restrictions?
and only official bf-blender builds, (and a plugin if/when it becomes available) support it.

certainly not perfect

but then again, what other 3d software has locking features? (none come to my mind). It is an unnecescary feature for regular .blend files (which should simply not be distribuited if intended to be kept private), but for files intended for the blender plugin or a standalone player, why not simply have a compressed format which CAN'T BE CONVERTED DIRECTLY into a .blend file, the screen stuff doesn't need to be saved, and if it is just for a situation where it is intended for the game engine then a lot of other data can simply be left out (most material info, lamp info, all texture blocks....)

perhaps the security that you people clamor for (though, admitedly just to hamper the casual cracker) would be satisfied by making a conversion to something which it becomes harder to extract models and textures from

(most games have their own format, and it doesn't take long for exporters to other formats to come out, would the same level of security be good enough for blender content that is distributed?)

as for the foundation builds being key-capable, ton would have to look into the issues of that. (for one thing, iirc ton doesn't build them for all platforms himself)

Apollux
Posts: 0
Joined: Sun Mar 02, 2003 4:27 am
Location: Santo Domingo, Dominican Republic

Post by Apollux »

people, will you ever acept it? Blender is not for commercial game development, at least not now.

First is the issue with locking the files, since blender games aren't pre-compiled it is pretty much unlikely to happen.

Second, if you are expecting to actually get money from your game then you should also expect to actually INVEST money on a closed source comercial game engine. Then you will have all the compilation and locking you need.

Third, the speed, capabilities and features of Blender are (sadly) nowhere near of those in most comercial game engines in the market today.

So, please get over it. Either you keep doing free-to-all hobby games, or you get serious and buy a lisence for a real big-boy's toy game engine. If you sill whant to use you alredy done .blends then take a look at Torque Game Engine, they even have a Blender importer.

Again, GET OVER IT

jm
Posts: 0
Joined: Mon Aug 25, 2003 11:31 am
Contact:

Post by jm »

..or you get serious and buy a lisence for a real big-boy's toy game engine
you know, as I wrote before, sometimes there is no need to use "hi-end" commercial 3d engine. for some 3d aplications is Blender adequate.

thx to all, especially Blender Foundation. I'm just working on a projects that I plan pack into another applicitation(for commercial ..). I suppose that I will have money I give some part of it to blender foundation. :)

jm

Post Reply