Looks like DRM has been cracked, fix coming?

In my case, they have pirated versions that are new version 1.0.0 without
update 100% fresh out of the oven.

I know… same for many devs here… R.

I wouldn’t be surprised pirate are distributing infected copies, however, how
could they do so with an FS2020 add-on since the only running code is either
sandboxed WASM, or sandboxed JS, supposedly sandboxed for protection?

they put payloads on the .zip… image files that loads with the package,
inside documentation files that are shipped with the package, they also take
advantage of utilities with external exe’s to this purpose… they are
incredible clever… not everything needs an EXE these days to exploit a
machine… a simple code in JS to open a backdoor in your firewall is enough to
allow them get inside your system and infect your PC with malware. JS is
sandboxed with coherent, but you are able to load Iframes, access images from
url sources, and many more elements and behaviours inherited with hmtl / js.
R.

1 Like

Although it could be an effective method, wouldn’t it ruin the possibility of
freeware? Especially with freeware still not being widely accepted an
marketplace. Kill the freeware and you kill a major part of the sim.

Unfortunately, it will happen again at some point. That’s the nature of copy
protection and piracy. It’s a constant back and forth tradeoff. I’m still
impressed it took 2+ years for this to happen. That speaks volumes to how well
it was done initially.

Can one assume , that one reason for the delay in SU10, is the design &
intriducton of a new DRM security into both MSFS clientt, MS servers, as well
as all the products on the marketplace ?? Would this alo account for the
current low number of new or updated Ms-Store products beung launched ?

DMCA “Take Down” requests CAN work, if you make the effort to submit them …

Indeed. It’s up to the copyright holders (or their representatives) to do what
you did and get the stuff taken down.

I have tried my best to get them removed from all this file host sites but not
completely succesful. Modsfire will remove, but ddownload will not even reply
to the emails or the claims sent with the abuse form in their site. Also,
nothing we can do about torrents.

Hello, At the moment, is a product published on the PC marketplace (SU10
simulator version) unprotected as before, or has some countermeasure been
taken? Thank you for your answer (I understand that it is inconvenient).
Regards.

That has been my experience as well. I got our Copyright Plane removed from
Modsfire, but ddownload is highly evasive, and the registra ( namecheap)
denies thet they are their registra … !! **On 9/22/2022 1:35 PM, Namecheap
Legal & Abuse Team wrote: **

Hello, It seems theddownload.com domain name
reported is neither registered nor hosted with us. Could you please specify
why the complaint was addressed to Namecheap?

yet a WHOIS clearly shows

      1. Domain name: ddownload.com
  2. Registry Domain ID: 83241215_DOMAIN_COM-VRSN
  3. Registrar WHOIS Server: whois.namecheap.com
  4. Registrar URL: [http://www.namecheap.com](http://www.namecheap.com)
  5. Updated Date: 2021-10-01T22:11:50.68Z
  6. Creation Date: 2002-02-01T14:02:52.00Z
  7. Registrar Registration Expiration Date: 2025-02-01T14:02:52.00Z
  8. Registrar: NAMECHEAP INC
  9. Registrar IANA ID: 1068
  10. Registrar Abuse Contact Email: ![](upload://kiglp1fq7dyTsP2iq39hfy4IrtN.png)@namecheap.comRegistrar Abuse Contact Phone: +1.9854014545Reseller: NAMECHEAP INC

So they deny the domain is under their registration, and then Ignore all
future attempts to contact them **** A little research indicated that even
The New York Attorney General’s Office , struggles to get any response
from them as well, so what chance do I stand !!> Even talked to their head of
Cyber-crime – she informed us it was a near impossible task !! But I did
manage to get our plane off Modsfire, but then 12 hours later, it was back up
on another server … The " _ DMCA Notice of Alleged Copyright Infringement_
" process is badly broken !!! -– And, of course

      1. 985 401 4545   Reseller: NAMECHEAP INC  is just an answering machine !!
  2.  
  3.

If it helps anyone else, tryng to get their Copyright material off
S******.org** , this is what legal at namecheap has to say — On
9/22/2022 1:35 PM, Namecheap Legal & Abuse Team wrote:

Hello, It seems the ddownload.com domain name
reported is neither registered nor hosted with us. Could you please specify
why the complaint was addressed to Namecheap? Let us note that the most
reliable way to identify the web/email hosting provider is to run the dig
query in a command line. You can also follow the steps below: 1. Run a DNS
lookup for an A or MX record associated with a domain. You can use the
Google Admin Toolbox to do this:
https://toolbox.googleapps.com/apps/dig/#A/ If there’s no output, the
domain name is not pointed to any server, or the DNS changes have not
propagated yet. 2. Check the WHOIS information about the IP address that
you found. You can use DomainTools to do that:
https://whois.domaintools.com or run a DNS lookup for the PTR record
associated with the IP address via the Google Admin Toolbox. DomainTools (
https://whois.domaintools.com/) can also be used for finding out the
registrar company for a domain. Also, in order to avoid any
misunderstanding, we would like to inform you that Namecheap is currently
providing only registration services for the s****.org** domain name in
question. It means that we cannot take down the content hosted by a third
party as we do not have access to servers where the content is actually
located. To have the content disabled, it is advised to contact either a
website administrator or the hosting provider company. It seems that
Cloudflare is used to hide the hosting provider for the subject domain name.
Since Cloudflare does not provide hosting services, they cannot disable the
certain content located on the reported website; nevertheless, they may
assist you in contacting the responsible party. Feel free to submit the
report at https://www.cloudflare.com/abuse/ and let us know if you have
any further questions. If you would like to contact the domain holder, you
are welcome to use the email address listed for the domain in public Whois.
If the contact details are hidden by the WHOIS protection service, feel free
to send your email to the protected email address (like
****.protect@withheldforprivacy.com).
It will be forwarded to the real email address of the domain holder. Please
note that we do not guarantee that you will receive a response from our
clients as we cannot force them to enter into email correspondence. Also,
note that the contact details of the domain owner may be hidden due to the
GDPR. For more information, refer to https://gdpr-info.eu. Please be
informed that per our policy, Whois contact information protected by the
WithHeldForPrivacy protection service can be revealed only based on an
official request from a court (refer to
[https://www.namecheap.com/legal/general/court-order-and-subpoena-
policy.aspx).](https://www.namecheap.com/legal/general/court-order-and-
subpoena-policy.aspx%29.) Thank you for understanding. --------------------
Regards, Legal & Abuse Department Namecheap, Inc. Ticket Details


Ticket ID: FLD-136-85 xxx Department: Copyright / DMCA Type: Domains
L&A; Status: Abuse not confirmed Priority: High

You can always complain to Verisign and icann about the company not responding
to abuse requests seriously.

Steam add ons do not use encryption
<https://forums.flightsimulator.com/t/40th-anniversary-edition-sim-
update-11-beta-plan/545725/11>

Report the files url as malware
https://safebrowsing.google.com/safebrowsing/report_badware/?hl=en