Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 7 years ago.
Improve this question
I'm having some trouble recently with the open source licenses. I started to feel like if they are somehow tricky! So, I'm just asking about the rights, attribution and so on..
Know, if I for example used a Ruby Gem, licensed under GPL, I install the gem, use it, my web app works! But there is no referring to the Gem, how is behind it, its license. I can't just believe that I have to include those for every gem I'm using. Do I have to? Or can I just use it silently?
So, a website with Rails (MIT), some GPL ruby gems, and so on, what should I include publicly? I think I'm not going to modify the source code of any of those gems.. Yeah, and if I have to attribute in my web pages, do I have to link to the licenses or even worse distribute my source code under the same license?
Also, if I found a tutorial or something like that that is licensed under Creative Commons BY-NC, should I distribute my whole work or put it under the same license, if I wasn't going to run them outside my own server? What if I wanted to distribute my software, which used ideas (and modified code) from the tutorial?
What about using formulas, which are more general than being owned? One-liner commands from stackoverflow when a gem doesn't install - Should I attribute that I used that to install the gem?! I think of course not, but just asking to make sure of the whole thing..
A website is normally the output of a program. Like you save a text-document with your word processor in disk, the document itself does not fall under the reciprocal license of the proprietary word processor (MS Word) or the reciprocal and permissive licenses of the free software word processor (Open or Libre Office Writer).
Only in case you create and distribute derivative or combined works (e.g. packaging multiple programs together in one package) you need to care about the licenses.
That for sure always depends on the concrete things you do. You need to document these concrete things, then go to your lawyer and then find out for the stuff you exactly do if and how copyright is in effect and based on the licenses used and if in effect, which steps you need to do.
Here on SO we are all only software developers (or if lawyers, not your lawyer) so we can not give you any legal support.
Usually stuff about licences can be a little confusing with open source software being released under different licences and usually the license documentation is usually written in lawyer jargon which proves difficult to understand for a lot of people.
Luckily this kind of question has been asked alot of times in SO. Just look at the licensing tag and order the questions by votes and you should find a few questions that pretty much answer your questions. In particular look at this question.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I want to monitor my network against DDoS and found a screen shot of DDoS monitoring alert by someone. Can any one let me know which software is this after seeing snap shot.
I don't recognise this specific gui, but it could be a customization of snort Gui's.
You can use snort to achive your goal, there are 4 snort gui project active by today.
here is a description:
BASE
The Basic Analysis and Security Engine was based off of the old ACID code codebase. The ACID GUI interface (which is now dead, and has been for about five or six years) was a college project written by an attendee of Carnegie Mellon. It hasn't been actively developed since about 2003. BASE, a fork of the ACID code, picked up where the original author left off, added a bunch of new features, and made it easy to use, multi-language, and a highly functional GUI. There were plans for a redesign of BASE, including the database format that it reads from, but Kevin Johnson, the original BASE project manager has since left the project and turned the project over to new management. However, it remains the most popular Snort GUI interface with over 215,000 downloads. BASE is written in PHP, and has several dependencies. BASE has it's own IRC channel #secureideas, although there is rarely anyone there, so most people come to the default #snort for help.
Snorby
A relative newcomer to the Snort GUI area, Snorby uses a lot of "Web 2.0" effects and rendering providing the user with a very sharp and beautifully functioning tool. This seems to be the current "go-to" web interface for Snort. While it has many of the features of BASE (and a lot more, hotkeys, classifications, an iOS interface, and actual pdf reporting), and not as featured as SGUIL (in terms of architecture), it's extremely easy to deploy, looks fantastic, and functions as an alert browser very well. Snorby's code is hosted on Github, here. Another advantage of Snorby is that it integrates with the OpenFPC project. Functioning similar to how SGUIL collects all information on the network using Full Packet Capture (FPC), Snorby gives you the ability to not only view the Snort alert, but also to view the alerts in context with the rest of the packet flow on the network. Snorby's IRC channel can be found at #snorby.
SQueRT
Paul wrote in about SQueRT. SQueRT uses the SGuil database format and is also web based. You can see the screenshots and download it at the link above.
There is a comparison of that three too here
There are many more projects but are currently inactive with exception of the squil. The most active projects by today, that you can use are SQueRT and Snorby
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
Is there any online, editable, code base that can also compile the code?
This is more of an "I wish" than a question, since I've tried to find one with no success. It seems to me that there are a number of open-source, very popular systems which could be integrated for a great benefit to the open-source community.
An online collaborative tool, basically a wiki. Needs to have some versioning.
An IDE/SDK type tool - at a minimum just a syntax checker and compiler
If these two are combined, you would have an open source project that anyone contribute to. The way I see it working is like this:
Every wiki page is a single class
To update a class you must pass a syntax check, including not breaking any other classes that depend on this class
There are two kinds of users - administrators and contributors (who can be anonymous).
Administrators have to approve updates to classes before they can be included in a compile-able release. They also rate the changes that they "approve", which is a sort-of ranking system for the contributors. If security is a concern, you could say that every approved change is randomly assigned to another admin for approval, and if that person detects malicious code then the first approver is now suspect and may be removed from being an admin.
Contributors can download any approved release, and can optionally download a version that includes all of their own revisions that have not been approved yet. This is normally for their own testing, but maybe they just want to change a behavior, even if no one else likes that change.
Any class (that meets certain requirements) can be marked as a "root" class, which means it can be compiled with its dependencies.
The advantages with this system seem huge to me!
Participation with almost no effort. The work of joining an open-source project is normally at a minimum an hour or more. That is in addition to initially downloading and installing a compatible SDK tool.
Learning about open-source with much reduced effort. I see many more people joining in with a friendly, wikipedia style site that they can just browse through as a way of learning the code base
Better code base (refactoring) All those people who tweak wikipedia will be free to tweak source code too. Cleaner code will in turn be easier to read and maintain.
Easy customization If I want to add a feature to my favorite open-source software, I can just make a change and download the compiled version. No need to
This could be a build process for web servers. Plug this into updating a web-site, and it can replace your current build server. When a version is approved, it just deploys the update (presumably on a schedule so it is during low-usage hours)
I see a few down-sides, the same as those that already exist in wiki sites and open-source projects, somewhat amplified. But I think these all have somewhat standard
Public/anonymous contributions could be bad or malicious
Blocking "spam" contributions
Bandwidth of downloads (all those executable files)
CPU to compile all the versions
Does any such thing exists? If not, how feasible would it be for a team to put this together? Are there any other major problems that could kill this idea?
This idea just occurred to me one day, and I can't find it. I'm putting this "out there" partially to "establish prior art". This idea is free to be taken and used, just not free to be patented :p.
Perhaps you're looking for Cloud9 IDE?
From their website:
Cloud9 IDE is an online development environment for Javascript and Node.js applications as well as HTML, CSS, PHP, Java, Ruby and 23 other languages... Teams can collaborate on projects and run them within the browser. When you're finished, deploy it—and you're done!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
I am looking a tool for protect and licensing my commercial software, Ideally must provide an SDK compatible with Delphi 7-2010, support AES encryption, Keys generator and capacity to create trial editions of my application.
I am currently evaluating ICE License. Someone has experience with this software?
Here's my list of software protection solutions. I'm looking at switching from ASProtect to another protection so I'm also in the process of analyzing most of these programs:
Themida (Oreans)
http://www.oreans.com/products.php
There are unpacking tutorials for all the versions of Themida. There is however the possibility of requesting "custom" builds which might help avoid this.
Code Virtualizer (Oreans)
http://www.oreans.com/products.php
Allows to protect specific parts of the application with a Virtual Machine. A cracker on a forum said he "made a CodeUnvirtualizer to fully convert Virtual Opcodes to Assembler Language".
EXECryptor
Very difficult to unpack. GUI does not work under Vista. Appears to no longer be developed.
ASProtect
Small protection overhead. Appears to no longer be developed.
TTProtect - $179 / $259
13 MB download. Chinese developer. Adds about xxx overhead to the exe.
http://www.ttprotect.com/en/index.htm
VMProtect - $159 / $319 (now $199/$399)
http://www.vmprotect.ru/
10 MB download. Russian developer. Seems to be updated frequently. Supports 32 and 64-bit. Uncrackable according with one exetools post, but there seems to be an unpacking tutorial already.
Enigma Protect - $149
http://enigmaprotector.com/en/home.html
7 MB download. Russian developer. Regarded as very difficult to crack. Adds about xxx overhead to the exe.
NoobyProtect - $289
http://www.safengine.com/
10.5 MB download. Chinese developer. Regarded as very difficult to crack. Adds about 1.5 MB overhead to the exe.
ZProtect - $179
http://www.peguard.com
RLPack
http://www.reversinglabs.com/products/RLPack.php
KeyGen already available.
One thing to note is that the more protection options you enable on the software protector, the bigger the possibility of the protected file being flagged by an anti-virus as a false-positive. For example, on Themida, checking the option to encrypt the file, will most likely create a few false-positives by a few anti-virus programs.
I'll update this answer once I get more replies from a hackers forum where I asked some questions about these tools.
And finally, don't use the build-in serial number/license management of these tools. Although they might be more secure than using your own, you will be tied up to that specific tool. If you decide to change software protection in the future, you will also have to manage all the customer keys transfer to a new system.
Don't bother. It's not worth the hassle. Only a perfect licensing system would actually do you any good, and there's no such thing. And in the age of the Internet, if your system isn't perfect, all it takes is for one person anywhere in the world to produce a crack and upload it somewhere, and anyone who wants a free copy of your program can get it. (And using a pre-existing library just gives them a head start on cracking it.)
If you want people to pay for your software instead of just downloading it, the one and only way to do so is to make your software good enough that people are willing to pay money for it. Anyone who tells you otherwise is lying.
I have used OnGuard (using the Delphi 2009/2010 source from SongBeamer) along with Lockbox to handle encryption with success. Both are commercial quality libraries and are free to use with full source.
I did once also use IceLicense, but switched to OnGuard/Lockbox which allowed me greater control over the key generation process which we embedded directly into our CRM system.
Of course there is no %100 bullet-proof protection suite, but having some type of protection is better than having nothing.
I worked with WinLicense in Delphi 2009 and Delphi 2010 on Windows XP and Vista. It is a good product with lots of protection options, and customizations. It provides a SDK for developers, and has nice documentation and samples. It also provides a license manager for you. They provide trial download too.
As far as I remember, they offer some customer specific versions too; that means they are willing to provide a custom-built product which is customized according to your needs, but of course that will cost more.
Since WinLicense is a well-known and popular protection suit, many crackers are after it. As you know, the more famous a tool is, the more appealing it is to crackers. But the good thing about Oreans is that they actively monitor underground forums, and provide frequent updates to their products.
So IMHO, if you are supposed to buy a prebuilt protection suite, then you'd better go for WinLicense.
A little late to the post, but check out Marx Software Security (http://www.cryptotech.com) they have a USB device with RSA & AES on chip, with network based license management.
I bought a license for ICE License in 2007. Unfortunatly (as far as I know) the component haven't been updated since June 2007. Back then a Vista compatible version was in the work but never came out of beta. I don't think they updated the component for Delphi 2009 and 2010 yet.
Ionworx is an one man company which might explain the lack of updates and lack of answer to support questions (emailed them 2-3 times since 2007 and never got back to me). They also removed their support forum from their site.
ICE License is better than nothing but I would stay away from this product because the lack of updates & support.
I investigated this a few years ago, and came to the following conclusions:
All copy protection can be broken
Nag screens on load irritate people to the point where they may stop using the product
Random nag screens can interrupt the users work flow to the point where they perceive it to be a reduction in the speed of the application
Set up compiler options, so that you have a version as a demo (perhaps with save functions removed), reduce multi user versions so that only one client can connect at a time (not using, for ex:
if connection=1 then reject
but reducing the viability for multiple connections in code)
Themida has good protection, and I think it built with Delphi too ;-)
if you have a better budget, you can look at winLicense and other tools from same company.
Have a look at this question which is pretty similar, and includes many of the tools.
Take a look at InstallShield. We've been using it for a while ourselves, and it has a lot of capabilities for trial support, licensing, and others. I don't know about key generation off the top of my head as our use doesn't require keys, but there's a lot available to you from them.
AppProtect wraps an EXE or APP file with computer unique password or Serial Number based online activation. QuickLicense is a more comprehensive tool that support all license types (trial, product, subscription, floating, etc.) and support both a wrapping approach or API to apply the license to any kind of software. Both are available from Excel Software at www.excelsoftware.com.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I have an Access 2000 program handling the receiving of goods in the company.
I need to Export Inventory Items and Quantities to Quickbook (enterprise 2007?). I have a good handle on the Access program, but know nothing about quickbooks.
Can this be done? What would I need for it?
Look into the QuickBooks SDK, a free download from Intuit. It provides a COM object interface or XML interface to all of the QuickBooks data. Additionally, if you need to do this over a WAN, you can use the QuickBooks Web Connector to talk to QuickBooks asynchronously over a WAN.
QuickBooks integration is not a trivial thing to accomplish. There are many gotchas. Your best friend will be the Intuit Developer Network forums.
You do not want to use QIF, QFX, or IIF exports. They are deprecated formats which can cause data corruption. Additional information about various methods of integrating with QuickBooks can be found on this integration wiki page and on this QuickBooks integration wiki.
Take a look at the QuickBooks SDK. If you want something simpler to work with, QODBC (with the write capabilities), while not free, will probably be simpler to work with for Access.
Google is your friend here. Quickbooks has some primitive import capabilities, but there are a number of small products that do what you need. This guy seems to have some pretty good stuff. Essentially there are a couple of different text formats (QIF and OFX if memory serves) that are used for Quickbooks import, the problem with them is they don't do much error checking. There is also a Quickbooks SDK which allows you to make calls using COM (yum) to import, and that does full error checking (it actually calls into a running version of Quickbooks), but is probably overkill for what you want.
Take a look at Quickbooks SDK and Documentation. The SDK has two COM interface: QBFC and QBXML. The difference in using QBXML, you need to serialize and deserialize XML manually which isn't hard once you get the handle of it. And I find QBXML much more convenient since you can choose to include requests and responses you need.
Also, if you plan to use Quickbooks SDK, the Online Reference is your best friend.
+1 to Yishai. I've been using qodbc for about 10 years now and 4 or 5 different versions of quickbooks. qodbc utilizes a database-like syntax to interact with the company file.
UNLIKE any form of proper database interaction, do as little work as possible in your query itself, as the qodbc driver can take 10 seconds to 2 minutes to handle a dozen records from a table of roughly 1000 records. A process that can import 15 orders with 5 lines each means talking to customer, item, invoiceline, invoice tables and can take 5 minutes. Sadly, I often am reduced to building a MySql database based on mass exports while I sort out and understand the data. THEN I go back and try to make queries directly.
While being an ODBC data connection in windows is great, learn to distrust each link in your toolchain and figure out how to troubleshoot problems to prove aspects positively correct as well as positively wrong. My most recent problem was with QB11 on Win7 x64 computer. The php stack at the time was suspect and was causing errors. And please always try to perform error checking, which is somewhat painful in that environment, but becomes crucial when "something breaks later".
This very minute I'm researching the php stack for win7 to see if I can again trust it for use with qodbc and order importing. (exporting from magento)