Cabbage Logo
Back to Cabbage Site

Implementing a simple antipiracy security

Looks cool, but couldn’t end users share the password?

That’s right…

Making an “unique password” that works looks hard because it would mean users have to give their machine id or something to generate it, and it’s a bit complicated.

This method would prevent copy/pasting the vst3 without a code, but maybe it’s not worth implementing it after all.

I might lower the price from 50$ to 30$ to make sure people want to support the developer and rely on constant updates etc. It’s maybe a better option, I have to think about it

Edit: it might be useful for a smooth transition between the “demo version” and the official one though, even if it could be pirated easily

I think this is a good option. Hopefully you can generate enough to break even, and then build from there with your next plugin. That’s all anyone can really hope for at the start of a venture like this.

I think a trial version is good. The best part of it is that your plugin gets beta-tested across a host of different platforms, helping you spot any issues along the way.

Yes I agree! I’m doing many many beta tests at the moment so I try to spot issues (with the transient shaper algorithm and with the plugin itself)

The main goal is to do my best to help musicians and release something I will still be proud of in a few years. Then, if I manage to make a living out of it, it’s a bonus and it would be a “dream life”, but dreams don’t often come true so I will just continue working on my plugins and see where it goes :slight_smile:

I think a decent security requires at least some internet communication, for instance:

  • Have a website, blog or facebook/instagram (cheapest) presence with a buy link to said product.
  • after buying your product, you should get something personal from the user like his IP-address (and optionally machine) by way of a button click event.
    -save the user’s personal information and upload it to a file where you have the info for all users of your product ; keep the file on your personal webspace where only you can access.
    -when trying to install your product, the file list should be retrieved and checked against the user’s IP.
    If a third party now tries the installer, there will be no list to compare it to (or way to access the list ?).
    This makes your buy link the only way to get your product.

Something along these lines, I have no experience in this whatsoever.

1 Like

Yes, your design would work.

However as a musician this kind of design is a pain for the user. For example, when your computer dies and you have to install again 20+ plugins, you don’t want to have to contact the support for each plugin.

Honestly I think the simpler approach is just to ship many updates and not add any anti piracy method.

Another method that could be nice is to generate a custom build for each buyer or add a custom asset for each buyer. If I buy the plugin as « nymano » then the UI will display my name and my contact details. Of course it won’t protect the plugin but it’s a just a way to avoid sharing the plugin too easily…

But of course the most secure approach would be to store the user machine Id in a db and test if it matches with each install with api requests. I think it is too complex to maintain and if someone really wants to pirate your plugin he just has to replace the http request with a dummy one and in 10 sec your plugin is cracked and anyone can use it offline.

After 2-3 months of research I decided to not implement any antipiracy method in the plugin, instead I add « made with <3 by Nymano » so the user knows that it’s an indie plugin and if he likes it he can support.

One of my favorite developers ‘analog obsession’ uses a donation based business, you may want to look into this as it carries some benefits.

Commercial:
For the long run:
Let’s say your project is making some income and progress. It doesn’t take much for the authorities to detect your income, if you are not already a legally registered business owner. You then will actually be forced to comply to the statistics and regulations of the system (provide enough value over time).
There are many other things than software security that go into play in running a business, that you may not be aware of at the start…

Donation based benefits:

  • Look into your country’s taxation rules.
    In my country you can earn about 2.5 k / person per year in donation before you have to file this.
  • You have to do much less of all the things that you actually do not want to do (for example regarding the increasingly severe regulations)
  • When your software looks interesting, almost guaranteed way to know what people actually think of your work and possibility to improve.

I’m getting more convinced of the latter personally. I can imagine my work rotting on my computer for years otherwise.
Good luck.

I second your 2 additional workarounds.

I can see the continuous update method work in the user not knowing what is exactly updated.

For hobbyists it would be a nice way to be rewarded for your work. You can also have a look at Patreon’s subscription based system.

For now I’ll stick to one time payments and no anti piracy system but let’s see if I change my mind in the future :smiley: