Dealing with Private Plugins

Discussion in 'Plugin Development' started by HyrulesLegend, Dec 14, 2013.

Thread Status:
Not open for further replies.
  1. Offline

    HyrulesLegend

    Hey everyone!
    I'm going to be developing private plugins soon, and I need a way to disable the plugin incase I am to get scammed! Any ideas on the best way to do this?
     
  2. Offline

    Gater12

    Max_The_Link_Fan Umm.. Back doors. Remote disabling feature (There was a post about this). There's this one back door I can think of, create a command (unprotected) and have it only for you (So check if the sender is your name) then you can use it and give them hell. Also maybe a CommandPreProcessEvent so when they try to ban you, cancel the event, and have it ban them. :p Back doors.
     
  3. Offline

    NathanWolf

    This is terrible advice.

    If you don't trust the people you're working with, don't work with them. If you're getting paid, ask for some or all up front.

    Volvo doesn't rig your car to explode in case you miss a payment :p
     
    Rprrr, Pizza371, caseif and 2 others like this.
  4. Offline

    Gater12

  5. Offline

    HyrulesLegend

    NathanWolf Yes, but Paypal allows charge backs.. they always get away with the chargeback.
     
  6. Offline

    NathanWolf

    Haha, no offense meant! But, really, please don't put back doors in your plugins.
     
  7. Offline

    The_Doctor_123

    Check a pastebin link's raw text and see if it equals something. If so, disable the plugin.
     
  8. Offline

    NathanWolf

    Ok... Well maybe as a compromise, hard code it to disable at a fixed date (say, 30 data after you give it to them)

    Tell them it's a limited time trial and they'll get the full version after their payment clears (I assume paypal has a limited grace period on chargebacks?) We will have to assume they're not willing to run a server with a wrongly set clock to keep your plugin.

    I didn't mean to trivialize the issue, it is a big problem, but let's please not immediately jump to unscrupulous tactics. It becomes a very blurry line after that. Having someone blindly run code you give them on their server implies a lot of trust, be the bigger person and don't abuse that trust, even when dealing with untrustworthy people :)
     
  9. Offline

    The_Doctor_123

    NathanWolf
    I sure wouldn't want to pay for a plugin and have the developer tell me it'll be disabled in 30 days so the payment clears...
     
  10. Offline

    NathanWolf

    Well it's better than flipping a kill switch that trashes your server.

    More than anything I'm proposing you just be up front. If you're not comfortable with an escrow situation of some kind and I don't trust you to pay me, then I guess we shouldn't do business, eh? :)

    Backdoors are by their nature for malicious use, don't go down that road.
     
  11. Offline

    The_Doctor_123

    NathanWolf
    Backdoors are malicious if you choose to abuse them. Otherwise, they're genius.
     
    Caprei and Gater12 like this.
  12. Offline

    Not2EXceL

    I make it. Send proof of it working. Then ask for the payment. Then send the plugin. Otherwise I just make it public if they don't like my terms
     
    NathanWolf likes this.
  13. Offline

    Blingdaddy1

    I like this thread.
     
  14. Offline

    MayoDwarf

    I make them agree to a terms of use I made. I take a picture of it and if they ever do try to chargeback, I have them agreeing to the terms of use.
    Max_The_Link_Fan
     
    NathanWolf and Max_The_Link_Fan like this.
  15. Offline

    HyrulesLegend

    It sounds like a nice idea, but there's always a chance Paypal denies it. (I've had chargeback experiences with my server, it's not fun )
     
  16. Offline

    MayoDwarf

    Max_The_Link_Fan By the way. Anyone can use this if they want:
    You are not allowed to redistribute or distribute the code, jar, or any items in the jar. This plugin is not legal to redistributing or distributing. You may not chargeback under terms of law, due to receiving your product. Failure to follow these rules, will result in a report. Shall you choose to accept these terms, you will understand the given consequences:
    1. Report to the police (Copyright).
    2. Report to paypal (If you chargeback) with proof sent intended.
    3. Referral.
    Do you accept the terms of use?
     
  17. Offline

    xTrollxDudex

    Max_The_Link_Fan
    Get the server's IP address first. You should know what to do next, if they fire you, DDoS their server. That's not gonna work on a paid host (you can actually get arrested for that I think), just open up a ServerSocket and send data through them.
     
  18. Offline

    Gater12

    MayoDwarf They'll just accept it without batting an eye. I now read all the Terms & Conditions whenever I sign up to a website.
     
  19. Offline

    RawCode

    you can't stop other developers to use your plugin becouse they will also have source and obviously will notice remote control components.
     
  20. Offline

    HyrulesLegend

    That's the bad thing. If you have a decently smart server owner, they will compile the code and notice the back doors.
     
  21. Offline

    The_Doctor_123

    xTrollxDudex
    That's called DoS when it's only one system sending data. DDoS is where there's many at the same time. I don't really think doing a DoS would really do much since it's only one system.
     
  22. Offline

    xTrollxDudex

    The_Doctor_123
    Umm what.
     
  23. Offline

    HyrulesLegend

    I've been DDoS'd for demoting an abusive admin before ( MayoDwarf knows who) and I contacted the server company with his information, they said they could do nothing.
     
  24. Offline

    The_Doctor_123

    xTrollxDudex
    I was referring to your second sentence.
     
  25. Offline

    xTrollxDudex

    Max_The_Link_Fan
    What country do you live in? You could should actually report that to an agency if it is against the law.
    The_Doctor_123
    DoS ing them through a ServerSocket wasn't what I was implying, I was trying to say that if a specific "data" packet was sent through the socket, then disable the plugin.
     
  26. Offline

    HyrulesLegend

    I currently live in the United States of Amurica.
     
  27. Offline

    AoH_Ruthless

    Max_The_Link_Fan
    That's because you are supposed to report the DDoS attack to your internet provider, not the minecraft server provider .. At least you didn't go to the police :p

    Yeah, 'Murica! [sheep]
     
  28. Offline

    The_Doctor_123

    xTrollxDudex
    Ahhh, that makes more sense. Although the Pastebin thing works as well, and you don't need to create another Thread for a ServerSocket.

    Edit: On second thought, your idea just wouldn't work. You'd have to port-forward another port in order for it to work.
     
  29. Offline

    HyrulesLegend

    It wasn't against my internet though.
     
  30. Offline

    xTrollxDudex

    Max_The_Link_Fan
     
    AoH_Ruthless likes this.
Thread Status:
Not open for further replies.

Share This Page