How C# Vendors got filthy rich - Website Tech Scanning
Copyright-Bot scanning complete. One nasty legal letter coming right up.
License compliance emails
The web’s open standards made it easier for “wronged” companies to file for damages.
If you use DeveloperExpress, Telerik, Sencha, SyncFusion, Froala, Infragistics or GrapeCity (also known as *****-city when their lawyers serve you copyright infringement letters), then from the day you deploy websites or apps until the day your website goes offline or your apps are removed from app stores, you will be paying endless license renewals.
This is part of a series of investigations into the business practices of IDERA and other big internet tech companies.
Reverse Malware Scanning
Internet bots often scan your site. The most common are search-engine, vulnerability-scanning and CSAM-scanning bots.
There are two new kinds of bots: copyright-compliance (“CC”) bots and file-scanning (“FS”) bots.
Collectively, I call them CCFS (copyright-compliance & file-scanning) bots. They work much like “Built-With” sites, but with a laser focus on checking for certain JavaScript files or API endpoints.
CCFS bots query certain pieces of JavaScript or back-end API endpoints. They try to hide by pretending to be a well-known search engine, or a lesser-known one.
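One way a site owner can look for the behaviour described above in their own access logs, as an added example that is not from the original article: it flags clients whose user agent claims to be a search-engine crawler but whose requests go almost only to licensed component files. The path prefixes, the log lines and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Hypothetical locations where this site serves licensed third-party components.
LICENSED_PREFIXES = ("/static/vendor/", "/api/component-version")
CRAWLER_UA = re.compile(r"googlebot|bingbot|duckduckbot|yandexbot", re.I)
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')

GOOGLE = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
BING = "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
BROWSER = "Mozilla/5.0 (X11; Linux x86_64) Firefox/124.0"

def _line(ip, path, ua):
    return f'{ip} - - [01/Mar/2024:10:00:00 +0000] "GET {path} HTTP/1.1" 200 512 "-" "{ua}"'

# Constructed sample log (combined log format, documentation IP ranges).
SAMPLE_LOG = "\n".join(_line(*r) for r in [
    ("203.0.113.7", "/static/vendor/editor.min.js", GOOGLE),
    ("203.0.113.7", "/static/vendor/editor.min.css", GOOGLE),
    ("203.0.113.7", "/static/vendor/grid.js", GOOGLE),
    ("203.0.113.7", "/api/component-version", GOOGLE),
    ("198.51.100.20", "/robots.txt", BING),
    ("198.51.100.20", "/", BING),
    ("198.51.100.20", "/blog/post-1", BING),
    ("198.51.100.20", "/static/vendor/editor.min.js", BING),
    ("192.0.2.55", "/static/vendor/editor.min.js", BROWSER),
])

def suspicious_crawlers(log_text, min_requests=3, min_ratio=0.8):
    """Return {ip: ratio} for self-declared crawlers that almost only fetch licensed files."""
    total, hits = defaultdict(int), defaultdict(int)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or not CRAWLER_UA.search(m.group(3)):
            continue  # unparsable line, or client does not claim to be a crawler
        ip, path = m.group(1), m.group(2)
        total[ip] += 1
        if path.startswith(LICENSED_PREFIXES):
            hits[ip] += 1
    return {ip: hits[ip] / n for ip, n in total.items()
            if n >= min_requests and hits[ip] / n >= min_ratio}

if __name__ == "__main__":
    for ip, ratio in suspicious_crawlers(SAMPLE_LOG).items():
        print(f"{ip}: {ratio:.0%} of requests target licensed component files")
```

A user-agent string proves nothing by itself; the major search engines document reverse-DNS verification of their crawler addresses, which is the check to run on any IP this heuristic flags.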
Version Check
CCFS bots sniff out certain JS or CSS files, or possibly download files that come with licensed software, and check the version. Why the version?
If you didn’t pay this year’s renewal… and claim to be using an older version of licensed software, your site (or software) can show whether that is true (Developer Express v. InstallAware, 2019 [1]).
CCFS bots download certain files, then upload them for certain security researchers to do penetration-testing. In Delphi there is a hidden “uses list”. There is an equivalent for C++ Builder.
Can you spot certain files belonging to Developer Express, and another VCL vendor in the image below?
Can you spot which version of Delphi, from the binary dump of the EXE file as shown below?
Heavy blurring due to fear of hidden binary fields that may expose serial number.
According to former employees [2] who did such work, they set up VMs, install the files, and use ILSpy or certain PE-ID or PE identification tools to produce a report on which libraries or components the EXEs or DLLs are built with.
Tip for small businesses
Maybe something for Fast-Reports to look at? And for dBase too, if they can get their dBase Server fully developed… It was promised since…
License Detection
Once an offending HTML “part” containing licensed material used in an unauthorized manner is detected, a gig-worker then sends a nasty letter asking you to pay up.
Several developers have stated that they spend tens of thousands on libraries. Once technology changes, they are forced to make hard decisions: stop the subscription, or move to a new tech and yet another subscription.
Development as a Subscription Model
The Developer Subscription Library business model means lengthy delays to bug-fixing, useless features, and a careless development schedule.
Sometimes, after buying these endless subscription libraries, the end-result doesn’t meet or match profit expectations.
Any bugs or issues found are usually fixed months after a subscription renewal, forcing hapless developers to upgrade.
The prospect of having to re-buy the whole subscription again instead of a renewal discount means forced development choices.
Many developers are weighed down by endless subscriptions.
Do you want to deploy your Froala-enabled, or Sencha-enabled website, or Developer Express-powered site, without payment? Good luck. You’ll need it.
The names of the Delphi developers are…
Certain Delphi developers had their names printed in court documents.
I’ve redacted names. You can see them on the original court documents.
The names of the infringing Delphi developers are…
WordPress, Laravel Popularity
Have you wondered why technologies such as WordPress, Laravel are popular? PHP is free, anyone can download it, play with it, and create websites without additional charge.
WordPress powers more than 42.7% of the web’s internet sites.
IntraWeb Usage
Have you seen any site powered by AToZed’s IntraWeb lately? What is the combined market share of site usage? Probably 0.000000001%
Unigui… powered by Sencha
Unigui is an interesting combination: Delphi server-side technology, powered by Sencha. Sencha scans sites (as stated above). Sencha is doing Unigui a favor by exposing certain sites that have not properly licensed Sencha.
Python
Python is free of charge. Python is easy to learn.
Delphi Developers cannot learn?
Delphi developers say they cannot learn Python or PHP, as they are so weighed down by expensive libraries.
Delphi developers have to license again for each employee they hire. Where are the Delphi jobs?
Question for readers. Are WordPress themes licensed per site, or per developer? What’s the difference, one might ask?
If it’s licensed per developer, if you have 10 developers, you need to pay 10 times.
If it’s licensed per site, then for each site, you have to pay for it. How much does an average WordPress theme cost? Around US$10 - US$99 (with discounts for additional sites) per year. The price is paid by customers, not developers.
There are more jobs for PHP developers than for Delphi developers. Do the math. I’m sure Delphi developers do more “math” for license renewals and license compliance.
Additional corrections were made
Remove some typos.
Additional blurring/redaction
Confidential information. Can show proof if contested in court.