Will you deliberately write uncommon bad codes with strange poor designs to make plagiarisms easier to prove?

Kupotepo

Fantasy realist/ Forum Reactor‍/ Advocatus Diaboli
Veteran
Joined
Jul 5, 2017
Messages
1,860
Reaction score
1,886
First Language
Thai
Primarily Uses
RMMV
You can nesting and just write like you do. Remember the timestamp, so you can prove yourself create first.
And no one created the variables like this
led DoubleX;

@DoubleX, I think you ask to create a honeypot. Yes, you can write the bad code in specific line, so it is easy for you to just look for 1 places, 2 place, or 3 place.
 

Anyone

Veteran
Veteran
Joined
Aug 24, 2019
Messages
225
Reaction score
305
First Language
German
Primarily Uses
RMMV
There's actually a very big reason not to write bad code that just came to mind:

What about people who like to edit & modify plugins they buy?
Bad code or other means of obfuscating code actually is harmful to your customers.

The example that always come to mind for me is Irina's Visual Novel Busts. It's a good plugin that does what it's supposed to do. The moment you try to go even a step beyond that, you'll quickly realize severe limitations.
The code in the plugin itself has been written with the intent of making copying it difficult, which meant that when I adjusted the code for personal use to actually allow a whole array of comfort functions and additional features that make it so much easier to use and so much more intuitive, I had to basically regex the hell out of the entire single endless coding line to reformat into something legible.

It took me at least a couple hours to turn that code into something I could decipher, so I could then make additions or changes - or add stuff that, quite frankly, should've been possible from the start. (But there's no support for the plugin from the dev anymore.)

That sort of highly protective behaviour may make it more difficult for people to steal from you (though any experienced coder will have little trouble with that regardless of what you do) but it will definitely make it much more difficult for the people who pay for your plugins to actually use them & improve them as needed.

Protective & obfuscating coding is a very double-edged sword. You may discourge some to steal your code for their own gain, but you're definitely also placing boulders in the way of the often paying enduser.

I can understand why someone would want to protect their code, given the sketchy practices some people are inclined to do - but whenever I come upon some super-condensed, single line code that's deliberately made hard to read...and I payed for it...I do get a little ticked off at the plugin author. :LZSjoy:
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,556
Reaction score
3,811
First Language
English
@Anyone
Speaking of obfuscation, there are things like WebAssembly or asm.js that could be amusing

If we want to really mess around, leave the development code private and release ridiculous stuff like that for production lol
 

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,466
Reaction score
3,031
First Language
Binary
Primarily Uses
RMMZ
one time, I had to code a simple DOS game, in Pascal. For the lolz, I added some cheat codes.
when I told my teacher about them, he did a search for the cheat words within the code.
didn't find anything.
so, he did the search again, letter by letter.
again, he didn't find anything.
he turned to me with an expression on his face that I could definitely interpret as "Now how the F%$K did you manage to do that?!"
I had set the code to scan not keys, but ASCII code, which is the same.... but nobody would ever think of looking for numbers in code written with keywords, which is what ultimately happened.
I wasn't aiming to troll my teacher, but it turned out that doing it that way had saved me a few lines.
I wrote an input system for ace that had an addon system for processing cheat codes (can be found on my site if your interested). One of the default example codes I left in the script uses arrays of charcode numbers to convert into urls to load adult websites :p
 

YoraeRasante

Veteran
Veteran
Joined
Jun 6, 2014
Messages
1,636
Reaction score
417
First Language
Portuguese
Primarily Uses
RMMV
Aren't Irinas plugins just minimized? An online unminimizer should do it.

That said, I remember once has a problem with Irina's action sequences plugin, tried fixing it myself before telling her... could do it, but did not think of unminimizing the code first so had lots of trouble to find out where to change.
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,556
Reaction score
3,811
First Language
English
Aren't Irinas plugins just minimized? An online unminimizer should do it.

That said, I remember once has a problem with Irina's action sequences plugin, tried fixing it myself before telling her... could do it, but did not think of unminimizing the code first so had lots of trouble to find out where to change.
Chrome/firefox inspector comes with prettify and I always use them when someone minifies their code lol. The results are quite excellent.
 

Anyone

Veteran
Veteran
Joined
Aug 24, 2019
Messages
225
Reaction score
305
First Language
German
Primarily Uses
RMMV
I wish I had known that...before I spent hours doing it by hand. :headshake:

Just did a test and accomplished what might have taken hours...in a second. :blink:
 

Aesica

undefined
Veteran
Joined
May 12, 2018
Messages
1,474
Reaction score
1,366
First Language
English
Primarily Uses
RMMV
Another reason not to use bad code to "mark" your plugins is...what if you leave the community, and because your plugin terms were generous, other people want to continue one of your plugins while of course maintaining your name in the credits? All you're really doing is screwing them over.

Overall though, I find that everybody has their own coding style, and two people trying to do the same thing (with at least some degree of complexity, anyway) are going to produce results that look completely different. If, however, you see a plugin that produces a result that looks just like something one of your plugins does, and the steps to get to that result in the code also look just like yours, only with different variable names, it's pretty obvious it's a ripoff.

Finally, obfuscation: While yeah, you can protect your code that way, you're also not only making it impossible for the end user to legitimately edit your code for their own project, but also, the level of obfuscation used can actually have a negative impact on performance.
 

Wavelength

MSD Strong
Global Mod
Joined
Jul 22, 2014
Messages
5,486
Reaction score
4,958
First Language
English
Primarily Uses
RMVXA
If I were so worried about having my work copied or distributed against my wishes that I'd be willing to sabotage my own work to make it harder to copy/distribute it, then I wouldn't be in game development.
 

theartofme

Villager
Member
Joined
Feb 21, 2019
Messages
20
Reaction score
26
First Language
English
Primarily Uses
RMMV
We can take @Tsukihime's and @Trihan's idea further by using steganography - hiding sensitive data inside ordinary data. One way to use this is to have a fingerprint - such as the invisible characters - but have it also be a part of the data your plugin uses, so that if it's removed the plugin stops working.

A simple proof of concept:
JavaScript:
// If this is present I can use it to prove I wrote it, because it literally says so
function WrittenByLustForLike() {}

// ...later in the code
let a = (WrittenByLustForLike.name.split(/\B/).reduce((a, b) => a + b.charCodeAt(0), 0) / 4 + 1) & 511;
let example = ["test"]
for (i = 0; i < a + example.length; ++i) {
    // this loop will run too many times if the name of WrittenByLustForLike() is modified, causing a crash
    example[i].length
}
And yes, like the hidden characters trick, if the trick is known it can be replaced, but it requires more understanding of the code; hopefully it's closer to requiring enough effort that it's not profitable enough.
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,556
Reaction score
3,811
First Language
English
We can take @Tsukihime's and @Trihan's idea further by using steganography - hiding sensitive data inside ordinary data. One way to use this is to have a fingerprint - such as the invisible characters - but have it also be a part of the data your plugin uses, so that if it's removed the plugin stops working.

A simple proof of concept:
JavaScript:
// If this is present I can use it to prove I wrote it, because it literally says so
function WrittenByLustForLike() {}

// ...later in the code
let a = (WrittenByLustForLike.name.split(/\B/).reduce((a, b) => a + b.charCodeAt(0), 0) / 4 + 1) & 511;
let example = ["test"]
for (i = 0; i < a + example.length; ++i) {
    // this loop will run too many times if the name of WrittenByLustForLike() is modified, causing a crash
    example[i].length
}
And yes, like the hidden characters trick, if the trick is known it can be replaced, but it requires more understanding of the code; hopefully it's closer to requiring enough effort that it's not profitable enough.
If we can just run out code through a "trap generator" that will insert traps, I'd be OK with it. Just add it to the build chain and I get my dev version and then everyone else gets the trap ridden version lol
 

Anyone

Veteran
Veteran
Joined
Aug 24, 2019
Messages
225
Reaction score
305
First Language
German
Primarily Uses
RMMV
If we can just run out code through a "trap generator" that will insert traps, I'd be OK with it. Just add it to the build chain and I get my dev version and then everyone else gets the trap ridden version lol
If someone goes through the effort of making a "trap generator", someone will reverse engineer a "trap defuser" and you're back where you started. :LZYshock:
 

DoubleX

Just a nameless weakling
Veteran
Joined
Jan 2, 2014
Messages
1,728
Reaction score
884
First Language
Chinese
Primarily Uses
N/A
If someone goes through the effort of making a "trap generator", someone will reverse engineer a "trap defuser" and you're back where you started. :LZYshock:
In the case of RM plugins, I don't feel that anyone will go to that extent just to plagiarize someone else's plugins, even Yanfly is unlikely to face such a dedicated scammer.
Also, even if such scammers do exist, they're probably extremely rare, and they usually don't have the incentives to share their trap defuser, as doing so would hurt their self interest.
That's not to say I agree that trap generator must be a good thing, but maybe it's at least worth doing some private experiments if it's indeed technically feasible(not just possible as the effectiveness and efficiency impact on plugin development also need to be taken into account) :)
 

Anyone

Veteran
Veteran
Joined
Aug 24, 2019
Messages
225
Reaction score
305
First Language
German
Primarily Uses
RMMV
In the case of RM plugins, I don't feel that anyone will go to that extent just to plagiarize someone else's plugins, even Yanfly is unlikely to face such a dedicated scammer.
Also, even if such scammers do exist, they're probably extremely rare, and they usually don't have the incentives to share their trap defuser, as doing so would hurt their self interest.
That's not to say I agree that trap generator must be a good thing, but maybe it's at least worth doing some private experiments if it's indeed technically feasible(not just possible as the effectiveness and efficiency impact on plugin development also need to be taken into account) :)
True, but on the other hand: just exactly how many plugins do get stolen and sold?
Yanfly claimed someone stole one from him, but other than that RMV isn't really the place where people try to make the big bugs by stealing & selling plugins from what I know.

I honestly can't see any good coming from actually encrypting plugins. The only benefit you have is the knowledge that untalented programmers won't be able to steal your plugins, which - in all likelyhood - pretty much no one is currently doing anyway.

What are the downsides? When a dev leaves, the plugin is dead. There's no way for most amateur programmers to work through an encrypted plugin to make sure their version is updated or has errors fixed that were introduced by new updates.
It'll more likely than not lead to a plugin graveyard - stuff that'd be cool to have, but there's no skilled programmer around who will bother with wasting their time with decrypting and fixing someone elses plugin.

Itch.io plugins are more and more becoming dead-drops anyway. A dev makes a plugin, puts it on the storefront and no further support & updates will come. If it breaks? Well, there's a 10 buck plugin that no longer works flying around.

Now if you could read it, and work with it, you could maybe find a solution yourself and the money wasn't quite wasted. But once they're all encrypted, guess what? Plugin storefronts become a minefield full of duds - and not in a good way.

What's more, cross-plugin support & ways to make plugins compatible with each other will become ever more difficult. Some plugin devs are willing to add to their plugin for the sake of compatibility - but if they can't figure out what's going on in the conflicting plugin, they're not going to waste hours upon hours just decrypting it, so they can find a solution.

If encryption would actually be a thing, and everyone started doing it, while the plugin scene wouldn't outright die, I'm pretty sure it'd degrade quite a bit.

It's also pretty bad for the community attitude. There's a big emphasis on people making their work available to help other enthusiastic hobbiests - but when you start prioritizing safety for some unlikely scenario out of mild paranoia someone might steal your plugins over the ability to the community to make use of them and to the disadvantage of the enduser...
That sort of attitude can carry over. And suddenly, there might be a whole lot less assets available, because more and more people try to control the spread and accessibility of their assets.

TL;DR:
Paranoia over community benefits will hurt the community in the long term. A community where every plugins is encrypted and inaccessible for pretty much anyone but the author is a sad community on a sharp decline.
 

Zeriab

Huggins!
Veteran
Joined
Mar 20, 2012
Messages
1,266
Reaction score
1,409
First Language
English
Primarily Uses
RMXP
Reducing the quality of my own code as a goal? No thank you.

I don't remember ever having problems with scammers, but I would probably just leave if they ended up annoying me too much.
 

DoubleX

Just a nameless weakling
Veteran
Joined
Jan 2, 2014
Messages
1,728
Reaction score
884
First Language
Chinese
Primarily Uses
N/A
TL;DR:
Paranoia over community benefits will hurt the community in the long term. A community where every plugins is encrypted and inaccessible for pretty much anyone but the author is a sad community on a sharp decline.
So I guess the whole idea can only be feasible with a small portion of plugin developers, like those meeting the following conditions:
1. Have overwhelming popularity, reputations, and amounts of plugins and users
2. Are developing plugins with insane speed to deliver tons of features within a very short time, thus having to prioritize just about anything else above code quality anyway(as long as the plugins still work without nontrivial bugs)
3. Aren't caring much about external compatibility issues to begin with(but still caring a lot about internal compatibility issues)
4. Are already being harassed by plagiarisms that are hard to prove
Needless to say, this whole idea doesn't make sense to many plugin developers, including me whose plugins have next to no users and who is still just such a dumb noob that trying to implement this idea will cause all my plugins to malfunction completely :p
Therefore, I don't think this idea will ever be implemented on the community level and scale, but rather rare individuals happening to be under such special circumstances that they'll want to consider implementing this idea :)

Also, bobby-trapping your codes is just 1 way to implement the whole idea, and sometimes the situations don't call for such an extreme measure.
For instance, recently I've a very weird naming convention that, any nullable variable and functions intentionally returning nullable values will be suffixed with an underscore, like function result_(), meaning that the result_ function can return either a valid value or intentionally null/undefined, and container.result_, meaning that the result_property can either have a valid value or intentionally null/undefined.
It's effectively mimicking optionals in a very strange way, and I don't think many JavaScript programmers will even barely tolerate this practice.
So if one plagiarizes my plugin without removing this unconventional naming convention, it'll make me easier to prove the case, especially if my plugins are having some other uncommon constructs that are serving some purposes other than detecting plagiarisms(but will still be considered bad by many JavaScript programmers) ;)
 

Anyone

Veteran
Veteran
Joined
Aug 24, 2019
Messages
225
Reaction score
305
First Language
German
Primarily Uses
RMMV
So I guess the whole idea can only be feasible with a small portion of plugin developers, like those meeting the following conditions:
1. Have overwhelming popularity, reputations, and amounts of plugins and users
2. Are developing plugins with insane speed to deliver tons of features within a very short time, thus having to prioritize just about anything else above code quality anyway(as long as the plugins still work without nontrivial bugs)
Aren't those the developers that should least implement it?
Because if those leave, that's hundreds of plugins potentially turning inert at the next update.

Ultimately it's up to every dev what they do with their code.
But whenever I see someone make a special effort to render their code hard to work with, just because they fear someone might steal it, it makes me pause & discourages me a little from developing free assets for people.

To be honest, if I ever buy a plugin that looks interesting via itch.io or something, and then discover their code has been altered to such a degree that I can't work with it, can't make it compatible with my plugins, can't improve the functions to suit my needs - that's a plugin I'd refund in a heartbeat.
 

??????

Diabolical Codemaster
Veteran
Joined
May 11, 2012
Messages
6,466
Reaction score
3,031
First Language
Binary
Primarily Uses
RMMZ
Too many plugins on itch are overpriced as well. I've seen plugins on there that to do things like 'add game weather to battle' for like $5. Thats like 6 lines of actual code (including aliases)...
 

Tsukihime

Veteran
Veteran
Joined
Jun 30, 2012
Messages
8,556
Reaction score
3,811
First Language
English
If someone goes through the effort of making a "trap generator", someone will reverse engineer a "trap defuser" and you're back where you started. :LZYshock:
ALL FORMS of security WILL be cracked. Does that mean we shouldn't bother with any of it? There's no such thing as perfect security right now because given sufficient amount of time, someone will figure it out.

Add a lock to your door, someone will pick the lock. Or just kick it in.
Make it an electric lock, and they just hack the system. Or just kick it in.

Hasn't stopped people from offering solutions and making billions of dollars in the process :cool:
Hey, arms race has been the source of innovation and $$$$$ for centuries.

Aren't those the developers that should least implement it?
Because if those leave, that's hundreds of plugins potentially turning inert at the next update.

Ultimately it's up to every dev what they do with their code.
But whenever I see someone make a special effort to render their code hard to work with, just because they fear someone might steal it, it makes me pause & discourages me a little from developing free assets for people.

To be honest, if I ever buy a plugin that looks interesting via itch.io or something, and then discover their code has been altered to such a degree that I can't work with it, can't make it compatible with my plugins, can't improve the functions to suit my needs - that's a plugin I'd refund in a heartbeat.
Code authentication I think is a real problem that should be solved. It doesn't need to be mangled code, but it should be clever enough that people that aren't careful will leave fingerprints that will be treated as concrete evidence that it was plagiarized.
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Latest Threads

Latest Posts

Latest Profile Posts

bro how do I have over 30 OCs
A good way to mix your own music? What's the learning curve on that?
Would it be better to pay a composer?
What theme for the next windowskin? You'll decide. Tell what you wanna see and I'll try for.
I just saw in a manga an interesting mechanic - setting up a stationary teleport beacon that one can go to no matter where one is in a dungeon. I think it'll work with a similar setup to how I did my airship transition.

Ooh what if you could set up multiple beacons and choose from a list of the beacons you set up?

Hmm...
Actor2_1 added!

Forum statistics

Threads
103,255
Messages
998,376
Members
134,754
Latest member
yvsxcii
Top