Stopping the Flagrant Piracy of Mint
Let’s have this out in the open: Mint is being pirated. Which puts myself—and all of Mint’s paying customers—in a difficult position.
Mint’s source code is provided to every licensed user for many reasons. One is to simplify installation. Most commercial PHP software require a third-party decoder module be installed on the server in order to run the encoded source. In my experience, these decoders never work as advertised—if a host even has them installed.
Another reason is, should I disappear off the face of the earth tomorrow and new bugs are discovered the following day, the software isn’t a closed box. Each license holder can modify Mint for their own use within the terms of the EULA.
This openness adds value to the software. Unfortunately, it also allows the less scrupulous among us to pirate the software. But I knew this going in—I even made remarks in the source code, “By changing these bits, you’re not being clever—you’re being a crook.” Or something to that effect.
Paying customers may be asking, “How does this affect me? I paid. I already have your software. It doesn’t concern me.” More and more asshats are showing up on the Mint Forum or emailing me directly requesting support for cracked versions of Mint. One person even purchased a license only after he couldn’t get the pirated version working. Some may argue, “a sale is a sale,” but I have no interest in that kind of “oops, you caught me” customer. Every hour that I am forced to waste confirming licenses and sending emails to thieves and their hosts takes away from the development of Mint and providing support to existing customers; activities licensed users directly or indirectly benefit from.
There’s really two problems that need to be addressed here: how to stop the piracy and how to to reduce the time involved in identifying and addressing those already pirating Mint.
I can’t out the pirates. That would be like saying, “Just ask this person if you don’t want to pay for Mint.” I refuse to close the source. The price is not up for debate.
Just being able to easily identify unlicensed uses of Mint would solve part of the second problem and could act as a significant deterrent for the first (since offenders would be far less likely to get away with it).
What’s a developer to do? Here’s an idea: a Firefox extension that silently checks for a Mint installation on each site visited and if found, sends a ping to a central server. The server could then validate the domain against a list of licensed domains and flag any offenders. The extension would not reveal the outcome or require any input from the browser user. The ping would be anonymous and only fire when a Mint installation was found (and not every page visited). Even if only 3% of Mint’s current user-base chose to participate in this “Neighborhood Watch” it would create a pretty significant canvas. With an incentive—pseudo-live visit counts in your toolbar anyone?—I could see the uptake being significantly higher.
So that’s one idea, does anyone have any others?