[teddyh]

So he used code straight off GitHub, didn’t read the license terms, and then has the gall to call it “stealing” when the program does exactly as it says it would.

Either learn to read licenses, or have a list of approved licenses (MIT, GPL, etc.) and only use software thus licensed.

EDIT: What I mean above is the 2% which is specified in the “Licence Agreement” page – the article author is clearly considering this, too, to be “stealing”. Regarding the increase from 2% to 30%, that is way more questionable, and I do not defend it.

[Kvirkvelia]

Thank you for your comment!

I don't think taking 2% is theft. Maybe it's a dark pattern, but it's definitely not theft. In the article, I say that I calmed down after explaining with 2%, which means my agreement with the situation.

The way the increase to 30% is made and the number of users with such a percentage says that the author deliberately increases the percentage without warning the user, which is theft

[simlevesque]

You using the software without a paid license was theft.

[ceejayoz]

That's entirely false. The plugin offers three license options.

https://github.com/floatinghotpot/cordova-admob-pro/wiki/Lic...

> 3. Win-win partnership

> And, if you don't have enough money yet to get a license, or don't have a PayPal account, here is another flexible option worth considering, no need to pay a cent. We may call it partnership.

> We maintain, support, and version update for any plugin issues, you don't worry about its update or bugfix, just use it for free, and focus on your app or game logic.

> Ship our code with yours to end-user, no need paying a cent at all, instead, share 2 percent ad traffic, so that we can both benefit and cover our cost to maintain and enhance this project.

The problem is the plugin author silently raised that "share 2 percent ad traffic" to 30%.

[fuzzy2]

What do you mean, without a paid license? The wording seems pretty clear to me: You can get a paid license OR you can share 2% of your ad revenue.

[kevingadd]

Someone committing a license violation does not magically grant you the ability to steal 30% of their revenue. If you want to punish the license violation, take them to court.

Also note that the software is MIT licensed. Tucking some random additional clauses on your website or somewhere else doesn't magically change the licensing, if you don't want to use MIT (and make them free to use it) then don't use MIT.

[abofh]

You buying software with a revshare agreement 100% does..

You operate in the us? You pay the irs. You operate in Brazil, you pay them.

The price was disclosed, optional and entered into freely. Dude is buying his lawyer a boat if he wants to fight it.

[ceejayoz]

The revshare agreement was for 2%, not 30%.

The 30% was not disclosed and applied unilaterally. Per the email exchange:

> "After check, we find your app in the black list, and a random higher rate will be applied. Usually when a guy is using a fake license key, or send unusual attacking request...

[MrWiffles]

Not arguing here at all because I agree with you in principle, but I wanted to point out for the sake of consideration trust it appears the plug-in author was in Russia if I’m not mistaken. I have no idea how Russian law works with regard to this, but I think it’s somewhat unfair for us to jump to the conclusion that their courts are acting like ours; for all we (I?) know, IP law for software may not be enforceable in Russia. Or it could be dark pattern gated behind high court fees, unattainable representation, etc.

[Kvirkvelia]

The license clearly says: "You don't have to pay, we are also okay if just share 2 percent user traffic"

[iqanq]

The licence allows the author of this article to even strip the part of the code that takes the 2% fee if he wanted to.

[javajosh]

I think it also speaks highly of you that you engaged with him, signed your name, and made rational arguments. These are not the actions of a thief, but of someone who has thought about their business model and is willing to stand by it.

That said, if you really wanted to impress, you'd improve the visibility of your practices for each individual developer, by providing a dashboard that fully discloses revenue-over-time, along with proactive notifications when your terms change. The MVP here would be a single email sent when the 2% term changes.

This business model where the providing party retains the right to change terms arbitrarily has always concerned me, in the same way something like an indentured servitude contract would, and yet they are all too common. But its everywhere, and no self-interested business would take steps to reduce it's power against the counter-party. There is a whole set of problems here that neo-liberal capitalism not only cannot solve, but actually seem to make worse. It's easy to point the finger at a single dev, or a small team, and say "you're unethical!" but in truth I think the statement is more informed by the ability to identify the actor than the action itself, which is endemic. (To take two examples: variable rate mortgages, and credit card debt, neither of which are modeled by consumers and both of which are certainly gamed by the counter-party.)

[pdpi]

FYI, you're responding to the author of the article, not the author of the plugin :)

[javajosh]

Oh, ha. Well, maybe that's even better as I don't think the OP appreciates how unusual it is to have someone take actual responsibility for their decisions, whether or not you agree with them.

[abofh]

We're super glad to have saved you from almost paying a developer

[abofh]

Who authorized the code to run?

[mox1]

Yea, he is not the first to discover this. I ran into this exact issue (same github repo and software package), back in ~2013. In my case, this revenue sharing was quietly introduced during the plugin update.

So I just forked an older version of their code and ran from that. I also made a post telling the guy it was kinda shady, they didn't seem to care.

[Deukhoofd]

The software license is MIT, but there's a page on their wiki that vaguely says they take a cut of your earnings over 1000$. It definitely does not mention 30% however:

> If you have used this plugin for FREE but monetized more than $1000, you are also required to get a license, or share us some Ad traffic as stated in win-win partnership model below

> Ship our code with yours to end-user, no need paying a cent at all, instead, share 2 percent ad traffic, so that we can both benefit and cover our cost to maintain and enhance this project.

[liveoneggs]

MIT license does not disallow monetization or rev share. It does allow you to fork this plugin and remove the code responsible for rev share, etc. This is all above board.

[nerdawson]

From their license agreement:

> If you have used this plugin for FREE but monetized more than $1000, you are also required to get a license, or share us some Ad traffic as stated in win-win partnership model below.

https://github.com/floatinghotpot/cordova-admob-pro/wiki/Lic...

The project however includes the following the license: https://github.com/floatinghotpot/cordova-admob-pro/blob/mas...

Surely releasing code under an MIT license makes their statement invalid. Why would I be "required to get a license" and offered a couple of commercial options? It sounds like they need to get some legal help to properly license the project in the way they want to.

Furthermore, pricing should be clear. It's deceptive to hide it within their so-called "license" section. As a developer, why would I read the license section if it's clearly marked within GitHub as being licensed under MIT and has a LICENSE file confirming that?

[munk-a]

It depends on the details of the license. If it was a bog standard MIT license (which in this case it is) then you could surely fork the repo remove that logic and carry on with your day (though you'd probably still need to credit the original author with the attribution clause) - MIT like licenses can dictate some terms around uses while allowing most modifications though.

That said - you do need to actually modify the code yourself, if you instead decided to use some man-in-the-middle attack to modify the packets in flow you may still be misuing the software. There are ways you could approach a solution that would in fact violate the license, as trivial as it is to circumvent.

[nerdawson]

In my opinion, the way they present pricing is deceptive. They have a table of contents and hide pricing details under "License".

The very first paragraph reads:

>You can use the plugin for free, or you can also pay to get a license. IMPORTANT!!! Before using the plugin, please read the following content and accept the agreement. THIS WILL AVOID POTENTIAL PROBLEM AND DISPUTE.

If as a user you're paying 2% of ad revenue, the plugin isn't free.

> If you don't want to get a license as your apps may not earn too much, or you don't have a PayPal account to pay, here is a compromised option. You don't have to pay, we are also okay if just share 2 percent user traffic, so that we can cover our effort and focus on maintenance and online support.

They don't make clear that that's the default behaviour. That by doing nothing you're consenting to their 2%.

If a developer wants to profit from their work, they should behave like a business.

[liveoneggs]

The monitization bit is the "license" for use of the code. The MIT license applies to the source code itself, not the execution of it.

MIT allows you to: "use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software". That's it.

[nerdawson]

Thank you. I’m realising my understanding of licenses was inaccurate and that I really ought to scrutinise projects more thoroughly.

[drran]

The author of software can release his work under any number of licenses, or none at all. An author can release the same code under MIT, Apache, GPL, MPL, or commercial license at the same time.

[nerdawson]

If the code is tagged as being MIT in GitHub and includes an MIT license file, can an author reasonably argue that an end-user is receiving the code under a different license?

[drran]

> If the code is tagged as being MIT in GitHub

Yes

> includes an MIT license file

Maybe. MIT license permits additional license restrictions on top of license. For example, MIT code can be copied into a proprietary system with a different license, which will forbid copying code out.

[teddyh]

> there's a page on their wiki that vaguely says

A page titled “License Agreement”, clearly linked from the home page.

(Regarding the 30%, I agree – this was questionable at best.)

[vertex-four]

It is listed as MIT in the package.json, the LICENSE file, and the plugin.xml file. That’s more than reasonable enough to consider it MIT, and that’s where license information would be picked up by e.g. any license-scanning tools.

With the multiple contradictory statements, even just within the README, though, my company’s lawyer would say we can’t use this dependency at all if I showed it to them.

[y4mi]

Afaik, the MIT licence grants you the freedom to do whatever you want with this code.

This code is written to share revenue with the author after a threshold, but that's merely the application/code working as intended.

You're free to fork the code, remove this sharing and republish the dependency under another name for example, that's the only thing that MIT is about

[vertex-four]

The argument in this thread is that you can’t, and you agreed to the other License Agreement. See the root comment, which thinks that this code is not under the MIT license.

[y4mi]

And as I said: a feature like this is entirely possible with the MIT licence, because it only addresses the licenced source code, not what said code actually does at runtime. Just read the licence yourself, it's exceptionally short.

------

Copyright (c) <year> <copyright holders>

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

[kroltan]

I agree in principle. It is bad form to not try to respect industry conventions.

However, blaming "e.g. any license-scanning tools" is not correct either, since that would be clearly a limitation of the license tool, encoding assumptions of location and standardization that are nothing more than convention. I mean this in the sense that if you went to court and your excuse was "my tool didn't pick that up", you would probably not be victorious, since the terms were laid out clearly for human consumption.

And I agree, a lawyer would not want to use this dependency, but it shouldn't take a lawyer to do that. You are responsible for the legal implications of using anyone else's software.

[PeterisP]

The point is that licenses and license offers are self-sufficient, a "clarification" from another document simply does not constitute a binding clause in a license.

If you have an offer of the MIT license from the author (as in the LICENSE.txt), then no clarifications or restrictions linked from the home page affect it, and other offers of other licenses are possible but not relevant if you like this particular offer.

[nerdponx]

The MIT license also clearly states that the software comes with NO WARRANTY (in all caps) and that you use it at your own risk. I don't see what the MIT license has to do with this at all.

[teddyh]

Maybe. That’s a very… programmer-like way of looking at licenses, though, and it’s not necessarily compatible with how licenses are interpreted by judges.

[abofh]

There is no indication that anyone was charged to use the software- it was the software that charged them

[bryanrasmussen]

shady, but then again good enough for apple so..

[PeterisP]

A technical reading of the license suggests that the licensee can choose one of three options, the first of which is "Free and Open Source, no support", which fits the OP needs and is also the one offered in the LICENSE.txt of the repository. Nothing in that license offer requires them to pick the second - "commercial" - option for commercial use as the other two options don't prohibit commercial use, and if other offers (e.g. that MIT license in the LICENSE.txt) are made.

So I there's no reason for the licensor to assume that the commercial offer was chosen and that the licensee agreed to that 2% withholding, much less a 30% one.

[joshstrange]

If you want to use the "Free and Open Source, no support" you also have to:

> Fork the source code and maintain it yourself (bug fix, any future changes on Cordova and SDK, integration support, etc.); see the open source project here: https://github.com/floatinghotpot/cordova-plugin-admob

Which I think it's clear that's not what happened here, the blog author was using AdMob Pro and thus unable to qualify for "Free and Open Source, no support".

[PeterisP]

AdMob Pro has the exact same license (https://github.com/floatinghotpot/cordova-admob-pro/blob/mas...) and I see no reason whatsoever why someone using a product named "AdMob Pro" would be unable to use it as free and open source without support, certainly the name of the product does not influence that.

The author has written their license poorly in a stupid manner that allows everyone to use their product for free - that's why lawyers are useful and why for small developers it's a very good recommendation to use one of standard licenses instead of trying to write their own from scratch. As of now, perhaps due to the author's legal incompetence, the license also allows free usage for commercial purposes.

[joshstrange]

You can use it for free, that doesn't mean it won't take a cut. I could write code under MIT that is a keylogger, it's free to use, doesn't meant there aren't other consequences. In fact MIT protects the creator from any of those consequences.

Sure, based on the license, someone could fork AdMob Pro and remove the ad sharing but that's not what the blog author did.

[wizzwizz4]

> In fact MIT protects the creator from any of those consequences.

Eh. For something like a keylogger, not really; there are laws against writing and distributing malicious software. In the UK, you can write malware for educational purposes, but woe betide those whose malware escapes or “escapes”: no MIT license disclaimer will save you.

[abofh]

Sudo Rm -rf /

Running that without a proper license may cause unexpected behavior, contact me to obtain a license.

If you are a licensed user, it will likely render your system inoperable.

What law did I just break?

[krageon]

> malicious software

Keyloggers don't have to be malicious (e.g. you can use it for a global hotkey hook). Thus, writing such software doesn't have to be done with that mindset at all. That being the case, it is ambiguous whether or not those laws apply.

[libeclipse]

The GitHub page said it would take 2% but actually took 30%. How is that "exactly as it says it would"?

[teddyh]

He called the 2% “stealing”, too. Sure, the slow increase to 30% was not documented, and I can see a good argument being made there.

[tobltobs]

Could you please hint us to the sentence where he calls the 2% “stealing”, too?

You yourself say that "the increase from 2% to 30% is way more questionable". What is "questionable" about that? Maybe that is not stealing but it is an obvious fraud.

I really don't get what your motivation could be to defend that kind of shit.

[labcomputer]

> What is "questionable" about that? Maybe that is not stealing but it is an obvious fraud.

The plugin author claims that the ramp-up to 30% is an anti-abuse measure. Supposedly, something triggered the abuse abuse flag and the rev-share ramped up as a "get in touch with us" signal, with the additional rev-share refunded when the user does get in touch.

Taken at face value, I think that's not unreasonable, though the lack of logging from the plug-in author's side is questionable (asking the customer how much they wanted refunded).

Where I think the jury is out is whether that is actually what happened, or whether the plug-in just ramps up every customer to see what their pain tolerance is.

[op00to]

The 2% is stealing because no reasonable person would expect to see such a clause in an open source software project. The 2% clause was hidden, all the way at the end of the doc. The plugin author is a conman.

[teddyh]

Why do you call it Open Source? The plugin itself does not call itself Open Source, and clearly links to another project for those people who want an Open Source program.

[InsomniacL]

https://github.com/floatinghotpot/cordova-admob-pro/blob/mas...

> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files

[colejohnson66]

The code being free does not mean usage is free. Qt’s code is free to look at, but you still need to pay them for certain things. Licenses apply to the code, not what it does.

[ipaddr]

This is used for popular game engines. It's not a bad model. If you make nothing you pay nothing if you profit you pay a %. It removes the need to buy upfront.

[pavel_lishin]

That's incorrect. The license stated he would share 2% of the ad traffic, but it looks like the plugin was taking 100%.

[teddyh]

100%? I can only see references to 30% at most. Which is questionable, since the license only specifies 2%. But not 100%.

[pawelmurias]

They actually have MIT LICENSE file in the offending plugin repo.

[abofh]

Were you charged to download or use it?