openMultiLogin icon indicating copy to clipboard operation
openMultiLogin copied to clipboard

Published 20 hours ago verified publisher icon EranSch

DMCA Takedown Notice

Open EranSch opened this issue 6 years ago • 8 comments

Well folks, it's been quite a ride but I'm getting tired of dealing with the Chrome Store on this. I received a notice that the listing for openMultiLogin (old URL above) was reported as copyright infringement, under the DMCA. Because this code is technically an infringement, it's not really something I feel like pushing back on, despite the fact that the reporter is obviously up to some shadiness.

Beware

Despite being the legitimate author, the reporter of the infringement hosts two semi-duplicate extension listings under the original name ("MultiLogin") and the name of this extension ("openMultiLogin"). The super shady part is that both listings actually use my description text, including links to this repo! (NOTE: If you arrived here from either of these listings, please be aware that I am not the author for either of the extensions below. Use them at your own risk!)

Shadiness Example # 1

image

Shadiness Example # 2

image

If I were you, I would avoid both the listings above like the plague!

Thank you, everyone who participated and strived to help push this strange open source experience along. I'll leave this repo up if you want to pull the source. Enjoy!

DMCA Takedown Request

subject_lr_dmca: Уведомление направленное в Google full_name: Balas Viktor companyname: MultiLogin represented_copyright_holder: Balas Viktor contact_email_noprefill: [email protected] country_residence: UA description_of_copyrighted_work: Google chrome plugin source location_of_copyrighted_work: https://chrome.google.com/webstore/detail/multilogin/nknfhhmhoflkcijaodalbncnmidocced url_box: https://chrome.google.com/webstore/detail/openmultilogin/plaahcaagklllbcjognjgcnldgjnjhpb dmca_affirmations_authorized: agree dmca_affirmations_penalty: agree1 signature: Balas Viktor hidden_product: chromewebstoreextensionsgallery hidden_ctx: geolocation: UA hidden_uraw:

EranSch avatar Apr 11 '18 18:04 EranSch

I do not understand it. How can the rightful owner send people back to your repository? Where is the owner's source code?

Damianonymous avatar Apr 18 '18 22:04 Damianonymous

Based on the writing above what happened is: Swingline saw something useful (but seemingly sketchy) and rolled his own minus sketchiness. And the original author slammed him with DMCA take down notices. And it's not really worth fighting if this code kinda-sort-a-probably is a de-obfuscated version of the original work.

I'm still using this even though google insisting on putting up a notice that I have "Dev extensions loaded" makes it a minor pain in the neck. Totally worth not having some rando track my activity though.

alex-ries avatar May 25 '18 12:05 alex-ries

So is this it? The "rewrite" isn't coming anymore? What was supposed to be included in it? The extension seems to work as it is...

P.S. What does "de-obfuscation" mean, in layman terms?

MasterOfUnlocking avatar May 30 '18 16:05 MasterOfUnlocking

@MasterOfUnlocking I can't speak to the first bit, but I can answer the de-obfuscation question. The easiest way to answer is to describe what code obfuscation is: it's using different types of patterns to make code unreadable, while leaving it functional. Think about things like: adding code lines that have no function, or using some extreme forms of short hand (renaming all functions/fields/methods/attributes to single letters, anonymous functions), it's basically a way to "hide" (obfuscate :) ) the original code base. So de-obfuscation is to put the code back in to a somewhat maintainable state trying to identify all the obfuscation lines and often also beautifying it so you can figure out what the code is doing. So what was done here (based on the de-obfuscation comment), the current code was created from a copy of the original (shady) extension which was then de-obfuscated. So technically this code is a copy.

I doubt doing a "re-write" based off this code will be seen reasonably as a completely new extension.

alex-ries avatar May 31 '18 11:05 alex-ries

Original extensions without open source code have also been removed from the Chrome Store. How can I remove a warning about loading an extension in development mode that appear when my browser is turned on?

Damianonymous avatar Jun 07 '18 01:06 Damianonymous

@Damianonymous you can't, I'll see if I can find the thread (I may just not bother tbh, so maybe google it yourself :) ): but basically google's stance on this is that the warning being permanent and not something one can turn on is to protect us from ourselves. They're afraid of malware installing itself as a developer extension and (speculation) probably something about being able to easily create alternative stores/extensions that otherwise violate Google's Chrome Extension policies.

alex-ries avatar Jun 08 '18 12:06 alex-ries

@Damianonymous Yes, you can, at least by now. https://stackoverflow.com/questions/30287907/how-to-get-rid-of-disable-developer-mode-extensions-pop-up/30361260#30361260

caspertone2003 avatar Jun 11 '18 20:06 caspertone2003

@caspertone2003 Thank you, it works. I needed it, I hope that the script will be updated :)

Damianonymous avatar Jun 12 '18 08:06 Damianonymous