FLOSS Posts: 6
10/03/2024
|
Thanks for not deleting this account. I might sound offensive but this is not my intention - aux contraire...
I believe, you didn't get me right. I really liked your software because it made it easier to handle updates and to keep the soft in one place (directory except NirSoft) and I apreciate your work really.
But and this a big but! I am now in the scene of portable software quite a time - mention the "portable".
I've made some soft portable which was not intented to. So I got along your system of SyMenu to cover "portables" the way your system is dealing with this "problem" is the problem now.
The fortune of portable soft is compatability, put it on any windows-pc and - SECURITY! Which I can't mention enough.
I don't know how much you are into security, but I doubt you are not very much.
You told that it is too much work. How do you handle the extra work to secure your users private data about their E-Mail adresses and their passwords? I really doubt that you can handle this. Firms with millions of capital failed with this.
- Sorry ran out of time but if you keep this account alive I perhaps may help you with the problem of keeping up the service. THX and Greetz
edited by FLOSS on 10/03/2024
|
|
link
|
FLOSS Posts: 6
11/03/2024
|
And there is some more to reply: There are quite some softs in this portfolio that you were not to have legal rights to publish in your platform. You just ignore them because of software developers just won't to mess around with legal stuff. So you are using others peoples work for your own fortune.
May I introduce you to some examples: Firefox portable - John Haller still is upset with you about integrating his workgroup craftmanship into your soft.
Thunderbird portable - John Haller still is upset with you about integrating his workgroup craftmanship into your soft. SIV System Information Portable - never gave you an agreement.
drivegleam - never gave you an agreement.
on and on...
You may argue, that these are all opensource and free.
At the moment you are demanding money, it is no more. I am really upset of you to get money about of this. Needing an E-Mail account for this now - it's bad. - Just like Google - Don't be evil. We are.
HTH
edited by FLOSS on 11/03/2024
edited by FLOSS on 11/03/2024
edited by FLOSS on 11/03/2024
|
|
link
|
FLOSS Posts: 6
11/03/2024
|
was to correct
edited by FLOSS on 11/03/2024
edited by FLOSS on 11/03/2024
|
|
link
|
FLOSS Posts: 6
11/03/2024
|
And again: If you can't handle it, Try to survive. If your software project is to overcome you, you won't get away from it. Otherwise it will kill you. Sell it commercial - if anybody will give money for it. Or make it opensource and your thoughts might overcome and reprodruce. Huh...
|
|
link
|
Gianluca Administrator Posts: 1270
11/03/2024
|
Dear @FLOSS
You surely used the wrong tone but it's not a problem for me, I'm used to dealing with all sorts of morons. But your last messages instilled in me the doubt you could be a good person and you can probably be a great addition for this community instead of being a pain in the ass. So I agree with you, "it could be a misunderstanding".
As a rule of thumb, I suggest the users to not put too many topics in a single post because it's impossible to answer everything in a structured (I like structured things) and useful (for the readers) way. I will reply only to some of your questions/topics and I would like you to open new threads if you want to go further with any of these arguments.
Community policies. You are still in this community because I never kicked out anybody. Literally. Not even the morons. Well... except some Chinese friends that in the past used this forum to publish advertising for shoes, t-shirts or whatever. Instead a lot of people voluntarily went away because they felt this community doesn't suit them, but this was their choice. So don't worry. I can delete inappropriate contents but you won't be banned.
Security. Well you are partially right here. The user's email is, for now, stored in clear in the user database. It's a thing I've always wanted to fix and I'll surely do it when I have some free time. The passwords instead are quite safe because they are hashed before storing them in the DB. The communication from your browser for the web site and from SyMenu are encrypted with SSL. Anyway my intention is to change this reasonably safe setup improving its security with a TOTP. SyMenu requests a single login, so the burden to produce and supply the system with a TOTP key is occasional on the user side. But the security will improve. The SyMenu credentials on your local PC are stored inside the SyMenuConfig.zip file. So unzip it and open the simple xml file you'll find inside. Open the xml and search for the identity key. You'll find some attributes in this key like a guid, your username (in clear) and your encrypted credentials. Try to decrypt them as you like (maybe with a brute force attempt?) but you won't succeed because the crypting method is AES-256. Why a symmetric encryption instead of a safer asymmetric algorithm like RSA? Simply because I can't give the burden of managing a private key to users that don't understand anything about that. Well I've almost forgotten. The encryption is salted if you are asking yourself that. So have a good time trying to crack this. Probably you underestimate who I am when you tell me that "you don't know how much I am into security, but you doubt I am not very much." but you are perfectly right when you say that "Firms with millions of capital failed with this.". Maybe is it one of the reasons for which I'm trying to get some money from this project? To make it flourish and improve it? To give the best service I can to you? I'm not a greedy person as you suggested, I'm only trying to do the best here because I'm the person who cares more about this project.
The legal stuff. You again are partially right here. It's true that some programs should require an explicit authorization to be redistributed. And I'm very happy if someone can help with this, studying the licenses and asking for permission from the authors that require for an explicit authorization. In the same way I will be very happy if the authorization won't come because this way I know for sure I have to remove the program as I did in the past. I want this project to remain legit but again I'm quite alone to attend all these tasks, the community is not so collaborative and the people that already help are literally overwhelmed. If you want to help with the legal thighs, please be my guest.
PA. A paragraph apart is dedicated to my old friend J. T. Haller. His license doesn't mention that redistributing his software is forbidden. Well he can't do that unless he wants his community to wake up and turn around him. What he was complaining about, last time I read his rants, was that SyMenu is stealing the bandwidth of the PA website . Dear John, you are on the Internet a download is meant to be downloaded... Plus the majority of his software is hosted on SourceForge. So what's the real point for this? The other complaint was that I'm unpacking his software without using the PAF unpacker. He even creates a terrifying message when the unpacking is made "the wrong way". So you can ask why I'm not using the right PAF unpacker. Well the problem here is that the silent unpacker is reserved to the PA Launcher and if you are not the PA Launcher it doesn't work. You can use the "explicit unpacker", that is what you get when double clicking a PAF from Windows, but it's not the way a user wants to be assisted in SyMenu. The entire "installation" phase must be unattended, exactly the same way the PA Launcher works. Where I live these kinds of "measures" are called software protection. That means that John considers the PAF software as his own property and not a nice share with the world. Then the right question become: How aware are his contributors of this protection? The PAF packages are not John work, at least not entirely because he has a great community with him that does the majority of the job. A lot of his people think their own job is done for sharing, that it's open, that the intention is to spread free software. How conscious are they about the real policy of their boss? Do you know that a past version of the PAF packager has an explicit protection against SyMenu and Lupo Pen suite? Since I imagine you are (or was) a member of the PA community you should know that in the past I asked John to collaborate because SyMenu could be a game changer for the entire portable movement. Or was the community kept in the dark? He simply ignored me and from then on tried to sabotage my project, mentioning it together with other projects that are sadly known to pack portable cracked programs.
So am I really the terrible criminal I'm depicted to be?
edited by Gianluca on 10/10/2024
|
|
link
|
sl23 Posts: 285
11/03/2024
|
See, the thing I'm stuck on, is the term 'redistribution'. To me that means downloading it, repacking it and then passing it on. But symenu does not do that. Pick any ten apps in symenu portfolio and check their sps files. Every single app is downloaded from the official site. There are a very few old, now unobtainable apps that I and some others have managed to get and put those on another site for use in symenu. But all of mine were so old they are now obsolete and have been removed.
So disregarding those apps, how is this redistributing anything? Symenu does nothing more than share the original download link.
Wrt John haller, I myself have witnessed personally what an arrogant twat he is and quite agree with Gian about John's behaviour, mindset and jealous approach to PA system.
I wish Gian and John could work together because those two systems merged would be amazing! But if I pick a side, it's Gian's.
|
|
link
|
Gianluca Administrator Posts: 1270
11/03/2024
|
sl23 wrote:
Every single app is downloaded from the official site. Well to be crystal clear some apps, neither old nor abandoned, are actually redistributed because their own web sites prevent the direct download. In this case, if the redistribution is not explicitly allowed by the license, I'll remove them with no problems at all. I only need that someone ask for that, because it's not possible to read thousands of licenses... apart from the section where a program self-styles as a freeware software that is what interests me more. I don't expect to receive "cease and desist" injunctions because a kind and friendly message is enough for me.
Usually the download prevention from a web site is not there for license reasons, above all if we speak about freeware software, but to be sure the users know the authorship of a program or to prevent abuses. BTW SyMenu gives all the merit to the authors in the program's details tab and during the download.
Anyway if someone has something to object, I'm always here to help.
|
|
link
|
sl23 Posts: 285
11/03/2024
|
OK I was unaware of this. Though I knew of some software not allowing direct downloads, I thought those weren't added.
Still, I agree with you. Objections need to be stated, if there are any.
Just like to add, FLOSS, I myself suggested to Gian about paying for the service he offers. The guy has put 20 years into this project! That's is quite stunning really! Not sure how old the sps system is, but I've been using symenu around 5-8 years I think, all those updated sps files created by one man, every week, for 20 years! You're not paying for the software that symenu provides, you'll be paying for the update service for symenu to auto update them for you. Symenu will be free to use, but I believe the plan is to have a paid for service that updates all those apps for a small fee. I personally don't think that's a bad deal. Don't you think?
And BTW, don't worry FLOSS, everyone's a moron at some point!
edited by sl23 on 11/03/2024
|
|
link
|
FLOSS Posts: 6
11/03/2024
|
OK! Thanks for your detailed answer. - really,!
But I think you still got me wrong.
Me myself, don't care about your twist with PortableApps, I just find them to be a more "intelligent" way to "virtualize" soft. And I got in hefty discussions with John really hard too.
You don't get the point. If I have to register to update your soft, I cannot anonymously redistribute my prepackacked bundle of portable apps and symenu to my friends and share it via cloud or my own server. It is just this fucking registration process that I complain about, - oh man please get rid of it. I was lucky to have a pc which I didn't update and updates are still functioning. You don't even provide old versions, or am I only too dumb to find them? Please give me a link.
As of this now, there is no technical need for a registration. I still wonder why you went this step. Reading your lines I am impressed that your are familiar with salting accounts, but sorry I don't trust you and I don't see the need for a registration. Obviously you cant handle it any more. Why not make it opensource. Would have the benefits to fix some bugs that you didnt. and btw: I said github - not sourceforge...
have a nice day
edited by FLOSS on 11/03/2024
|
|
link
|
JackoBongo Posts: 7
11/03/2024
|
Hello Gianluca, as far as I understand, you're maintaining alone the entire repository contains the list of software alone, which is obviously time consuming. I can understand you could make a paid version if it's too much of a burden to you (and I wouldn't blame you, no one should). But why don't you make it open-sourced? After all, this is how Homebrew is working. You could still have the final word on any word on any Pull Request anyway. And approve it when you want (it's not a big deal if we get a program updated 1 month after). And maybe find devoted volunteers to help you on this task. I know you didn't find people to help you to help you on the application's code, but coding is one thing, maintaining a software list up-to-date and testing it is an other thing (much easier ).
|
|
link
|
Gianluca Administrator Posts: 1270
11/03/2024
|
JackoBongo wrote:
But why don't you make it open-sourced? It's really simple. SPS is an open standard. Do you want the schema? I can tell you where to download it. Or you can use a software that reverse the xml itself and get it by yourself. A schema can't be protected, it's open by definition otherwise the data loaded in it can't be shared.
If you want to create and post a new SPS for a software we still don't have in the suite you are free to do that. If you want to push it in the SyMenu system to share it, you can do that without telling me anything. I will only review your job to be sure you haven't done anything wrong or bad for the community. I created a software for the volunteers that are helping me. It's a tool (SPS Builder) available in the SyMenu suite that guides you to create and push your SPS in a really simple way. But if you don't like it you can use a different software, or use Notepad.
So, my friend, everything is already available for everyone.
The problem nobody seems to understand is that we have 1.700 programs here. And a lot of them change every day. The proud suite editors helping me are less than 10 but I'm maintaining by myself at least half of the entire program collection.
I need an army here. Because the target is to add every single freeware software on the Internet, not a number as small as 1.700. If I don't have an army I need money to dedicate myself more and more to the project.
|
|
link
|
Gianluca Administrator Posts: 1270
11/03/2024
|
FLOSS wrote:
If I have to register to update your soft, I cannot anonymously redistribute my prepackacked bundle of portable apps and symenu to my friends and share it via cloud or my own server. And finally we got it! Read MY license available here https://www.ugmfree.it/manual#Licence And above all read 2.b:
"You may not distribute registered copies of the SOFTWARE PRODUCT to third parties without written permission. Official versions available for download from UGMFree’s websites may be freely distributed."
What does that mean? It's possible to redistribute the SyMenu installer package (zip) but not a registered copy (a configured copy to be clear) without my permission. And you haven't requested my permission. This kind of distribution is causing me a lot of problems and it's one of the main reasons you get the login today. BTW... I'm thinking about suing you for license infringement
FLOSS wrote:
I was lucky to have a pc which I didn't update and updates are still functioning. SyMenu will function forever, even outdated versions will do. The update of the suite programs instead will work only until I decide the time has come. After that moment the system won't download anything more if you are running a SyMenu outdated version.
FLOSS wrote:
Reading your lines I am impressed that your are familiar with salting accounts, but sorry I don't trust you As I told you before, I'm dealing with any kind of animals so you won't be banned unless you publish shoes advertisement. But you are free to go when you want. Trust is the foundation of this community, if I don't deserve your trust probably this community is not suitable for you.
|
|
link
|
JackoBongo Posts: 7
11/03/2024
|
This is where you're losing me: if you don't expect to earn money from what's you've done so far (and don't misunderstand me, I'm grateful for what you've done), why do you keep application and app update mechanism closed sourced? You're expecting people to steal your code and make a paid product from what you've done? And, in the end, why do you keep working on Symenu if it's more than a hobby?
I do understand that maintaining the application list repo is a huge workload and I would understand you want Symenu to transform into a Freemium app (with the app-store behind a paywall). I'm not really sure I'd pay for that (I sure use this feature but it's not critical to me) and I'd rather give a couple of hours a week to update the app list (to test if the latest versions are installed and correctly run) to keep your project alive.
And once again, I'm not criticizing you in any way Gianluca, you've done a superb work. But, if you want to keep this work free, I would have thought you'd simply publish your work on Github where you could keep control of the sources while getting help from the community ... and maybe get an army at some point. It works for Homebrew (which has 6 times more applications).
|
|
link
|
Syngensmyth Posts: 4
11/03/2024
|
Good Grief what the heck is doing now? OK, I did it. No big deal. I just survived two 737 flights so I can live through this too.
|
|
link
|
sl23 Posts: 285
11/03/2024
|
Syngensmyth wrote:
Good Grief what the heck is doing now? OK, I did it. No big deal. I just survived two 737 flights so I can live through this too.
Well done!
|
|
link
|
Gianluca Administrator Posts: 1270
11/03/2024
|
JackoBongo wrote:
[...] you'd simply publish your work on Github where you could keep control of the sources while getting help from the community ... and maybe get an army at some point.
I'm always surprised when people attribute magical powers to the open source world.
If I understand your idea, if I put the SPS on GitHub I'll attract dozens of people that are ready to help me in any way. Outside of GitHub instead, for example directly in the SyMenu's house, that is here, the hidden army can't reveal itself probably because they can act only on the official Open source temples. Otherwise the Gods curse them.
Forgive my irony but now I'll try to be more constructive with a proposal for you or whoever wants to accept the challenge.
Take 50 SPS. Not more because I don't want you to waste your time but if you are a time wasting guy, take them all.
You already know where to find them... if not, they are inside a zip file located in the [SyMenu]\ProgramFiles\SPSSuite\SyMenuSuite\_Cache\ folder. Put them in a new project in GitHub.
Now invoke the sleeping army of contributors. Since GitHus is such a magical place they will come in droves. For a while you and the army try to maintain the SPS updated. To ease your work I suggest you use the SPS Builder because one of its possible uses is to work with local files. In a month from now we can check if your solution has worked for real, if a community has arisen in that magical place and if they are efficient and precise, enthusiastic and faithful.
If you (or any other person) succeeded, I grant you that I change the pointing of SyMenu to the GitHub repository to give away the entire SPS system to the community. Because without SyMenu, SPS is currently not so useful.
Indeed what I think is that in a month you won't be able to involve anybody, your SPS will be outdated, and you'll be discouraged and disappointed. And a bit disenchanted about GitHub powers.
The open source movement is terrific and works perfectly for mainstream projects. We have hundreds of working examples.
But the great majority of the projects, even those published on the magical GitHub, are currently dead or maintained intermittently by the original author.
SyMenu is not mainstream, the community that is helping is really strong and resolute but it is small.
I can't understand how GitHub can change that but I'm really impatient to be denied.
|
|
link
|
Gianluca Administrator Posts: 1270
11/03/2024
|
Syngensmyth wrote:
OK, I did it. No big deal. I just survived two 737 flights so I can live through this too. 737 Max?!?!?
|
|
link
|
sl23 Posts: 285
11/03/2024
|
Gianluca wrote:
I'm always surprised when people attribute magical powers to the open source world.
Do you have kids Gian?! I bet you're great at bedtime stories! Try to make them a little more positive at the end though, cos that one sucked!
|
|
link
|
JackoBongo Posts: 7
12/03/2024
|
Gianluca wrote:
Indeed what I think is that in a month you won't be able to involve anybody, your SPS will be outdated, and you'll be discouraged and disappointed. And a bit disenchanted about GitHub powers.
The open source movement is terrific and works perfectly for mainstream projects. We have hundreds of working examples.
This is why I was asking why you're still working on Symenu. What are you expecting from it? Do you want to be able to earn a salary to devote 100% of your time? Or maybe you're sick of it.
Gianluca wrote:
But the great majority of the projects, even those published on the magical GitHub, are currently dead or maintained intermittently by the original author.
Ok, but I don't see your point. If a project dies or is updated twice a year, is it a big deal? With the sources online, someone just could make a fork (or not).
Gianluca wrote:
SyMenu is not mainstream, the community that is helping is really strong and resolute but it is small.
I can't understand how GitHub can change that but I'm really impatient to be denied.
Ok, even if putting the sources online doesn't help, what could be the negative impacts?
As you wrote, SyMenu is a niche project. And putting up hurdles to potential volunteers doesn't help much. And again Gianluca, I mean no offense at all. I'm just trying to bring some goodwill and, maybe, remove a bit of your cynicism out of your mind (but it doesn't seem to work so far).
BTW, I've checked the SPS format on a couple of apps and it is quite clear. I assume you have a couple of tools to make the new release check process automated.
|
|
link
|
hausenfefr Posts: 1
14/03/2024
|
If you really truly actually genuinely believe that its not a colossal dick move to start requiring logins (to the point the app essentially dies unless I create an account); Then I can no longer Support, Suggest, or Advocate SyMenu to anyone for any purpose. Damn. This is why we can't have nice things.
Gianluca; How are you profiting from this decision? do you want me to PayPal you $5?
Regardless of your personal viewpoint the user experience is still "Extortion".
I've used SyMenu for years! Excellent handy software! Always been a joy to use! never knew the creator had this attitude tho, This is why they say "never meet your heroes".
So you win I guess. You wanted me to create an account on your blogs forums and here I am! For the exclusive purpose of calling you an Asshat... But her I am!
Please stop being an Asshat.
- hausenfefr
|
|
link
|