Hi there,

We made pretty serious changes in the licensing policy for Image Uploader 6. It is not similar to the old one and someone may be confused with it. However I strongly believe that it is much more straightforward. That’s why I decided to write this post to explain our point of view on the licensing questions.

Single Domain vs. Express/Standard/Professional

From the very first version of Image Uploader, the primary license type was a Single Domain license. It was issued for a website with one full-qualified domain name, and it was limited by a single server. For more servers, a separate license type called Web Farm license was provided (the reason why multiple servers require additional licenses is outlined below). Things were getting complicated when such websites required multiple domains, etc.

Taking into account our past experience with customers’ licensing demands, we have reviewed our licensing system. Now each website requires only one license. This license allows using it with a single server and one domain (other limitations are omitted for brevity, so refer licensing pages for more details on this). If this is not enough, you should extend the license with so-called connectors. There are two kinds of connectors – server connectors and domain connectors.

This license plan is called Standard. It has a sibling – a license plan called Professional. The only difference is that the Professional version includes some additional features primarily interesting to the photo printing companies.

These license plans are more consistent comparing to the Domain and Web Farm licenses. However they may seem pretty expensive for a number of customers. But we wanted to keep Image Uploader affordable for startups and small websites as well. That’s why we offer an Express license plan in addition to Standard/Professional. It is very similar to the old good Domain License, but however it includes fewer technical support features.

I would like to comment this point with support. For a long time, our policy was to provide the same level of technical support to everyone. But in the course of time we got a number of customers who have special requirements for the support - guarantied response time. That’s why we made a difficult decision – we provide unlimited high-quality technical support with guarantied reply in 24 hours to Standard/Professional customers only.

But it does not mean that Express customers do not get any support at all. They still can submit up to 2 cases, and of course they can post messages on forums. According to our statistics, it should satisfy a big number of our customers.

About Server Connectors

Some people wonder why the price for the client-side software like Image Uploader depends on the number of servers, their CPUs, etc. Let me explain.

Ideal fair measure for a software price should be the intensity of its usage. When we talk about common standalone desktop applications, it is easy to estimate – the number of workstations where the software is installed is a good appraisal. That’s why this licensing model is so popular for such kind of applications.

However when we consider such application as Image Uploader, it is not so easy. On one website Image Uploader may be downloaded by 1000 people, on another one – by 1000000 people. And the worst thing is that a website owner is not always able even to calculate this number. The same situation we see if we try to use some similar metric, like amount of uploaded data or something like this.

That’s why we decided to use another metric – the power of the server side which processes the upload (i.e. the number of servers, etc). This value is clear and easily managed by the website owner. And it seems to be fair enough, because it is unlikely that someone will purchase and configure large web farms and let it be idle. So to make the licensing policy scalable, we just deem each additionalserver, CPU, or CPU core as a separate unit which requires purchasing a connector to the main license.

The arguable question here is whether to interpret multi-core CPUs in the same way as multiple single-core CPUs. On the contemporary market all new server CPUs are almost always multi-core, so it may seem not very good idea. But on the other side, it is obviously that 32-core SPARC is not the same as typical multi-core Intel or something like this. So the decision worthy of Solomon would be to set a threshold value for the number of cores which divides typical multi-core CPUs from something special like SPARC. In our case we consider CPUs with up to 8 cores as a single unit.

And the last aspect I would like to discuss regarding server connector is what to do if you use a virtual hosting rather than run it on real servers. This is especially actual because of growing popularity of such services as Amazon EC2, and similar.

Of course we do not have anyone to purchase licenses for all underlying hardware of Amazon EC2. Virtual hosting providers allocate resources in so-called Computing Units. Each such Computing Unit has the power comparable with common server with typical configuration. That’s why we just interpret such Computing Units as servers requiring connectors, not the real underlying hardware.

Single-owner Website vs. SaaS/Commercial Apps

In the previous section I explained how we make the price scalable based on the product usage intensity. But this is not the only parameter which should be considered. One more crucial parameter is whether the website is used by a single owner or itis an application used by multiple third party companies.

Imagine you build Image Uploader into a CMS engine. You host this engine on your server and let your customers an account, and create websites based on it.  From our point of view such usage of Image Uploader may be interpreted as reselling to third parties.

In such situation Express/Standard/Professional license plans do not work here. This is where we use classic license model for software component market. The idea is the following: instead of purchasing a website license with connectors, you purchase SDK licenses per each developer on the application development stage, and when you run it to the production, you purchase deployment licenses per each client.

Depending on your situation and what is preferable for you, you either purchase blocks of deployment licenses which cover all your present and future customers, or acquire a license for each separate customer.  But the general rule is simple – the price depends on the number of your customers, not on the intensity of the software usage.

We divide single-tenant and multi-tenant applications pretty long (at least from version5.0 or even earlier), but earlier it was less obvious, and it lead to misuse of some kind of old licenses. Hopefully now we managed to make it clearer.

Where is an IP license?

One of the main questions our previous customers may have is what an analogue for the IP license is.  This is quite ambiguous question.The answer depends on the nature of the website you run.

1. If you have single-owner website and need the IP license to cover all its domains (e.g. www.example.com, www.example.net, www.example-alias.com, subdomain.example.com etc.), you should switch to Standard or Professional license + appropriate number of domain connectors. If the number of domain connectors is not reasonable, we can provide special connectors for IP address or whole domain tree on aspecial request.

2. If you have a hosted application,you should switch to SDK/deployment model. If the number of clients of your application is more or less constant and do not grow extensively, most likelydeployment fee will be a block of licenses which will cover all your customers for the nearest year or other period of time.

Holders of the old IP license may have a concern about the price of deployment license block or IP connector. However I would like to ensure you that there will be no price skyrocketing. At least its order is the same as for old-fashion IP licensing.  

 

I hope I shed some light on new license policy and made it clearer. If you have any feedback or would like me to write one more post about some aspect of licensing questions, do not hesitate to leave a comment here.

Hello,

Today I was amazed to learn that Image Uploader is popular enough to cause open-source community to create applications which use Image Uploader. I have discovered an Image Uploader based addon for Drupal - very popular open-source CMS. It is called Aurigma Uploader for ImageField. It allows to upload files as attachments to the pages and stories posted on the website.  This addon was submitted to the Drupal website by Aaron Wolfe.

Although this addon is pretty raw (I had to modify the source code to get it working, and it still displayed some warnings), it was great to learn that such addon exists. I believe it will be improved and people will find it useful.

I had an idea about series of addons for various open-source CMSes, but unfortunately we had not enough resources to get involved into it deeply. I am glad to know that open-source community finds it interesting to do it.

By the way, if Aaron or any other person involved into this addon development need any assistance with it, we will be happy to help. Just let us know. 

I am going to tell some news which are quite important for us. Aurigma has been re-organized. From now onward Aurigma Inc is a Virginia-based company. New address can be found on the Contact Us page.

Our Tacoma, WA office has been closed. Please do not call there anymore. New phone number is 703.348.7804.

To follow up my previous post about Symantec - I got good news. Norton Antivirus does not block Image Uploader anymore. On the next day after Microsoft advisory release guys from Symantec removed Image Uploader from the stop list. I might post it earlier, but I decided to wait for a confirmation from Symantec officials. 

So if anyone got users complaining about Norton Antivirus (or other Symantec apps) blocking Image Uploader, just tell them to get latest updates. It should resolve the issue.

It turned out that vulnerabilities in Image Uploader caused not just killbit problem, but it led to one more aftermath. We are getting more and more complaints from our customer that end users experience issues with Image Uploader if they have Norton Antivirus installed. After some investigations we found out that Symantec especially included Image Uploader to the threat list in one of their updates. And perhaps unlike killbit, Norton affects new secure version.

I have just posted my suggestions how to handle this to Image Uploader FAQ forum:

http://www.aurigma.com/Forums/yaf_postsm9838_Image-Uploader-and-Norton-Antivirus.aspx

We will definitely make some more detailed investigations on this (what exact builds are affected, etc) and publish additional information in that post. Also, we are going to contact Symantec and try to come to some solution.

As I announced a week ago, Microsoft has released security update which includes killbits for old vulnerable builds of Image Uploader. Read Microsoft Security Advisory (953839) for more details on this.

Not just our software has been included into this advisory. It also includes Hewlett-Packard's Instant Support application. According to the story in Computerworld, in earlier advisories Yahoo's and Logitech's software were killbitted.

So now I want to thank all guys from Microsoft Security Response Center I dealt with for their assistance. I highly recommend all ActiveX control vendors (if any of them reading this post ) to contact Microsoft in case of such security issues. It is the best way to eliminate the aftermath of security bugs. Although the really best way is to avoid security flaws at all.

Thanks for attention. I hope this is a last time I tag my post with "security issue" or "killbit", and my further posts will be related to more pleasant things like news about future releases and so on. Stay tuned!

Hi there!

Only one week left before Microsoft release Cumulative Security Update for ActiveX killbits. They scheduled it for August 12, 2008 at approx 10am PST. 

Because of different reasons, we were not included in previous security updates released in April and June. But at last now we got the confirmation from Microsoft that Image Uploader killbits will be included in August issue.

Just reminding that all users who install security updates (i.e. vast majority of Windows users) will not be able to load old insecure version of Image Uploader in the browser. Internet Explorer will just block it. That's why we encourage all Image Uploader customers who did not update Image Uploader yet to update it ASAP. More details about it can be found in my previous post about killbits.

If it is unclear how to update or you have any other technical questions related to this security issue, do not hesitate to submit your question through the help desk system. 

We have released a major update of File Downloader today. For those who do not know what it is - it is an ActiveX control which allows clients to download multiple files from a server with a single click. A kind of Image Uploader, but it works vice versa. We can call it a junior sibling of Image Uploader.

So what is new there? In fact main purpose of this update was to improve performance, make it more stable, etc. In particular, now File Downloader is able to handle huge file lists (i.e. when the user downloads thousands of files). But of course we could not miss the opportunity to add couple killer features during refactoring. 

First of all - it is possibility to resume broken downloads automatically. The good news is that unlike Image Uploader, it does not discard partially downloaded file. If connection breaks at 50% while downloading 100MB file, no need to start to download it from the very beginning.

Another great improvement is that now Vista users can work with File Downloader much easier. Now it works when Internet Explorer is in protected mode (in which it is by default). In previous version it could work only if website that hosts downloaded files was in list of trusted sites. The only thing I do not like with File Downloader on Vista is that if UAC is enabled, it will still display these annoying dialogs asking to increase permission level. But this is a price the user pay for Vista security, and if they enable UAC, it asks for permission a dozen times per day.

So if you are already using File Downloader, I believe it makes sense to take a look at this new version. I believe you will find it worth of upgrading.

Hi guys,

On this week we are launching help desk system on Aurigma website. In fact it is already available, and you can start submitting support cases. But before we start using it into full force, we would like to test it and see how people take it. Also, some bugs still may encounter (for example, today one of our customer reported about problems with Mac which we have successfully fixed). So we do not like an idea to shut down our existing support system.

Currently we are using Microsoft Dynamics CRM 3.0. It has a service module which we use to track all issues submitted by our customers. When we have implemented this module about one year ago, it solved certain problems, but now we face new challenges. In particular:

• Email-based system is not reliable enough. From time to time we suffer from problems with spam filters, blocked attachments, corrupted emails (during conversion from email to CRM record).
  
• Microsoft did a great job, but this system is overcomplicated for such small company as Aurigma. Too much IT expenses and other headaches.
• It is not integrated with our website. It was not a problem at the first time, but we want to move forward. Of course, we could customize it, but, firstly, it would require a bunch of coding, secondly, there are some licensing issues.
  
• Microsoft CRM is not the best thing from usability point of view. On one hand this is a matter of habit, but on another hand bad usability = more time to spend to carry out some operation.
  

So we analyzed how we could overcome these problems, and found out that we need to implement some web-based help desk system instead of CRM.

Our first idea was to find some out-of-the-box solution, implement it on our website and integrate with it. But surprisingly we did not find anything which would work fine for us. All these system would require too much customization (time expenses comparable with creating it from a scratch). So we thought - we are software company after all! Couple weeks of development, the same amount time of testing and the new Aurigma help desk system is ready to go.

Let me outline concepts of this help desk system briefly:

• Single access point to customer's issues. We will shut down support@aurigma.com, and all support requests should be submitted into help desk system. It will make life easier both for customers and for us.
  
• Self-service system. It will try to suggest useful information whenever possible. Customers will be able to find solutions for most wide-spread issues without waiting for Aurigma support representative response.
  
• User-friendliness. On one hand the system gives the user hints what information we need to be able to help to overcome the problem, on the other hand, it does not require to fill in huge counter-intuitive questionaries.
• Satisfaction rating. We always tried to provide premium-quality support to everyone. That's why we need your feedback so that we could improve our support service if something is wrong at your opinion.
  

So we finished this system and to tell the truth, I like it. It looks capable to solve all goals we determined for it: decrease time necessary to solve issues and improve support quality. So let's see it in action, and I sincerely hope you will love it as strong as I do.

On these weekends we have released Graphics Mill 5.0. We have already wrote about main changes in this version before, but let me outline

• Post about new features (by Dmitry)
• Post about new licensing policy (by me)

In addition to it, you can find the following information about new release:

• Full change list.
• New pricing and licensing (note, SDK license has different meaning than Windows Forms Developer, and Server Deployment license has different meaning than old Server license).
  
• Download page.
• Std vs. Pro comparison chart. 

For existing customers we offer special upgrade offer:

• If you purchased Graphics Mill after April 2, 2008, you get free upgrade to Std or Pro (on your choice). Note, this is time limited offer - to get a free version, you should contact sales@aurigma.com before June 3, 2008.
  
• If you purchased Graphics Mill before April 2, 2008, you can purchase new version for 60% of the license price (however you need to keep new licensing model).

Any feedback about new version is welcome.