vicidial.org

[carpenox]

yea im sure asterisk king didnt send anything to vicidial either, but thats ok, i took it anyways. im not the one, lol

[Acidshock]

Convoso still been ignoring me. Even ignored another friend of mine. Any chance of that you may end up sending a demand Matt? I know they are large so I wouldnt blame you if you didnt want to pursue it. Just curious though. Lots of stuff that could be useful in that code base.

[mflorell]

Demand letters can only come from a "user" of their system. Since I'm not one of those I can't send them a demand letter. But, just so you know what you might be in for...

The next step after you send one of those yourself(and they ignore it), is to involve a lawyer to send a more threatening letter.

After the ignore that one, you have your lawyer file a lawsuit.

After they ignore and loose the lawsuit, you have to have your lawyer file to have the court compel them to provide the code.

After they ignore that court order, you have to have your lawyer file to seize assets of the company.

After they ignore that, you actually have to find a local company to go and seize their assets, if they can locate them.

If you do actually get the assets of the company, they very likely will not include the source code you were looking for.

Can you tell we've been through this process before?

[carpenox]

lol damn, what a mission, i find it easier to just hack into their system and get it myself like i may have done with king asterisk(hypothetically speaking of course)

LOL

>:-)

[Acidshock]

Good news is I dont think they would go underground. They are too big for that. Have you guys ever seen it? (Just curious)

Company Details:
https://www.owler.com/company/safesoftsolutions

List Mixing UI:
https://imgur.com/a/2llGM94

Demand letters can only come from a "user" of their system. Since I'm not one of those I can't send them a demand letter. But, just so you know what you might be in for...

The next step after you send one of those yourself(and they ignore it), is to involve a lawyer to send a more threatening letter.

After the ignore that one, you have your lawyer file a lawsuit.

After they ignore and loose the lawsuit, you have to have your lawyer file to have the court compel them to provide the code.

After they ignore that court order, you have to have your lawyer file to seize assets of the company.

After they ignore that, you actually have to find a local company to go and seize their assets, if they can locate them.

If you do actually get the assets of the company, they very likely will not include the source code you were looking for.

Can you tell we've been through this process before?

[mflorell]

Yes, we are well aware of SafeSoft/Convoso. They have been reported to us before, and we've even had a couple of their clients call us for support in the past.

[Acidshock]

Well when asked to copyleft they terminated the persons account! lol

[mflorell]

Well, that doesn't invalidate the request for source code, and now the client has an even stronger case against them, if they want to pursue it.

[Acidshock]

Found another one. Foxie Dialer. Its built on VICIDIAL, know some people that were in the initial development stages. You can also see it on their images.

[mflorell]

Thanks for the note on Foxie Dialer! I hadn't heard of them before, looks a bit like Ytel's interface, which it looks like they borrowed their business model from as well: high fixed-price per-agent, hosted-only model. Perhaps if someone can become a client of theirs and request the source code, we can see what they've changed.

[Acidshock]

Nothing from Foxie. Completely ignored my request.

Found another one too, PrimoDialler, that is refusing to release their code. Like trying to swat flies at a manure factory. Sorry if I am just creating noise but I have sort of made it a mission to harass these guys as I find it reprehensible.

[mflorell]

Yes, we are aware of Primo Dialler, they have been around for a while, and they actually have a couple other names they go by as well.

[Acidshock]

I got a quick question... If I write some code and require some vicidial PHP scripts. Is that now considered a modification of VICIDIAL and subject to AGPLv2 vs being my own code and subject to my own license?

IE:
require_once ("../agc/dbconnect_mysqli.php");
require_once ("../agc/functions.php");

[mflorell]

If the new code uses any significant portions of code that is in the VICIdial codebase, then yes, it falls under the AGPL license and must be available to the end users of your new scripts.

[Acidshock]

Ok thought so, outboundANI uses this and encodes their PHP script.

Code: Select all

<?php /* This computer code is protected by intellectual property laws and its property of 3ABM581 LLC DBA outboundANI. Reverse engineering, disassembly, or decompilation of this computer code is prohibited. Violators will be prosecuted to the fullest extent of the law. */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$GLOBALS['OOO0000O0']=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5}.$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$GLOBALS['OOO0000O0'].=$GLOBALS['OOO0000O0']{3}.$OOO000000{11}.$OOO000000{12}.$GLOBALS['OOO0000O0']{7}.$OOO000000{5};$GLOBALS['OOO000O00']=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$GLOBALS['O0O000O00']=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$GLOBALS['O0O000O00']=$O0O000O00.$OOO000000{3};$GLOBALS['O0O00OO00']=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$GLOBALS['OOO00000O']=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0xda54;eval($GLOBALS['OOO0000O0']('JE8wMDBPME8wMD0kR0xPQkFMU1sn


Code: Select all

}
$function = $_GET['function'];
$array_functions = array('outboundani_get_inventory', 'outboundani_get_campaigns', 'outboundani_get_statuses', 'outboundani_update_outboundani', 'outboundani_create_inventory_ingroup', 'outboundani_create_unassigned_ingroup', 'outboundani_count_matching_records', 'outboundani_get_dids_from_ingroup', 'outboundani_add_dids_to_ingroup', 'outboundani_remove_dids_from_ingroup', 'outboundani_configure_campaign_disposition_url', 'outboundani_configure_campaign_disposition_url_v2', 'outboundani_enable_ani_selection', 'outboundani_get_lists', 'outboundani_get_contact_fields', 'outboundani_process_dispo_url', 'outboundani_get_refresh_file', 'outboundani_get_version', 'outboundani_get_callmenus', 'outboundani_get_dids_from_callmenu', 'outboundani_get_refresh_file_new', 'outboundani_get_security_phrase_stats', 'outboundani_get_refresh_file_v2', 'outboundani_get_hopper', 'outboundani_update_security_phrase');
if (!in_array($function, $array_functions)) {
    echo '{"result" : "FAIL", "reason" : "function does not exist"}';
    exit();
}
require_once ("../agc/dbconnect_mysqli.php");
require_once ("../agc/functions.php");


[mickom]

Hello,

I have read the entire topic but I am not sure to well understand so I prefer to ask
If, as a company, I take the source code of Vicidial, modify it (rebrand, add functionalities, ...), host it in the cloud and sell usage of it to several customers for their own call centers, do I need to share the modified/added source code?

Thank you

[carpenox]

If someone requests it, yes

[mickom]

Only to my customers right?

[carpenox]

Also correct

[bastece]

I am in the process of building an application that will manage multiple things my customers use frequently (i.e. SMS, email, crm, PBX, etc). Some of them use dialers like vicidial, five9 and Ytel and I am scoping adding these as well, but I had a question:

I found goApiV2 on github and that seems to allow me to send API requests to allow them to manage their dialer from my application. The application that I am building is closed source so I wanted to make sure this is ok being that vicidial and goApiV2 are AGPLv3.

If it happens that I need to make modifications to the goApiV2, I am completely ok to release the modified goApiV2 if they ask for it. I just want to make sure the rest of my application will not be compromised by just using these APIs to connect to their servers.

Thanks.

[mflorell]

The AGPL license only requires code changes to be disclosed. If you aren't using any significant portions of AGPL code within your own code, then you have nothing to disclose.

[bastece]

Got you,

Thank you for the clarification.

Btw, I've heard that Ytel is 'vici-based'. Is this true? Wouldn't they have to disclose the changes they have made?

[carpenox]

If it's true they would only have to do so if one of there users requests it

[Acidshock]

I'll call it though... they have nothing to worry about because the license has no teeth at the end of the day. I have requested both from Ytel, Foxie, Primo and Convoso. All simply ignored the request and ghosted me even with an account. At the end of the day you have to have someone who's willing to sue them for it; which understandably the team is not willing to do so because of the financial cost and most clients aren't going to do it either.

[mflorell]

We did sue one of these companies once, and we won, and we have received the code changes for about a half-dozen of these VICIdial forks over the years, most of them without even the threat of a lawsuit, so it is possible, although we haven't made any of those requests recently.