@sonic academy - What are my options with Kick2 1.1? Is it covered by the license agreement to expose a connection to the internet?

Hi Sonic Acedemy,

I would kindly ask to get an answer on this question. Kick2 v1.1 was changed in a way that it uses an internet connection to send and receive data every time it’s used as a plugin.

This is not the product what I’ve bought initially and I have no option in my account anymore to get the version I initially bought, which didn’t have this behaviour implemented.

I’m wondering in regards to your Terms and conditions; 8.2 Limitation of Liability (Terms & Conditions) if this change to the product is covered legally. I never accepted to use a product that contacts an internet server under these conditions. The risk of damage is largely increased by this change.

An active web connection can increase the chance to be exposed to a threat, as you just saw again some days ago by the Logitech incident were a vulnerabilities in this software could lead to successful remote attack on the computer were this software was installed.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1663

As this is not the product I’ve bought and the behaviour is largely changed by this, I would like to sell my Kick2 license, get a refund, get an option to disable any internet connectivity or any open ports or at least get access to the latest version which didn’t implemented this new behaviour.

Please tell me what my options are in this situation.

Thanks and kind regards,
rmai

Hi there

You can continue to use v1.05 which does not require an internet connection if you wish

If you need a link to that version let me know

Hey there @rmai

This is just my 2cts comment & thoughts about your concern and in case you’re really thinking of reselling your Kick 2 Plug In, this should be addressed to support anyway. Reselling/refund request should be addressed to S.A via mail or support ticket.

So if you wish, you can either mail S.A using the following email customerservice@sonicacademy.com
or open a ticket using this link https://support.sonicacademy.com/hc/en-us/requests/new

Now that said, here are some points I would like to highlight :

• First thing first, don’t you have a backup/copy of your original Kick 2 v1.05 version on your system ?
  The key file is still available to download from your account, so uninstalling the latest version and getting back to previous v1.05 is still an available option. Let us know if you don’t have a v1.05 backup.

• It was announced with the Beta that you can use Offline Activation too, so once that done, you could simply put Kick 2 into a Firewall app and have it to refuse connections if this makes you feel more secure.

Next to that, don’t forget that further releases are still under development and therefore the “Connected Features” can still be improved in future releases and bypass function for those is still an option I suppose. I assume that S.A will surely take into account the feedback they receive from their customers on this point.

• My final point is about being so upset about this new plug in behavior & afraid of the future ? Of course I can understand the concern about a plain system integrity & security, but what I just mean by that is that we’re in an era of cloud files, decentralized applications, automated updates… just to name a few and this is not going to stop, it’s actually just going to increase in fact.

Think about Plug Ins, Daws and even Midi controllers & Audio Interfaces firmware… So should I name just a few like Native Instruments, Arturia, Fx pansion, Avid, Ableton, Presonus , UAD ?? ( a very few indeed !! ) but well, let’s face it : installation managers, authorization process, software & firmware updates are all happening online now, and even if people kind of “dislike it” at some point, they got used to it, started to find it convenient for the sake of management and gain of time, and even if not everybody is totally happy with it, it’s the way things are and will be more and more.

The market itself & the available technology is dictating this and it soon will make no sense to have this completely isolated computer running your audio products like we were aiming at in the past, we have to move on at some point.

Again, just my own point & reflection here, trying to make you feel more confident and optimistic about the future and what it could brings instead of only seeing the potential security breach & problems… But yes, it’s an all topic by itself, I know.

PS : I can see a reply from S.A while I’m typing this, so if you need a link to older v1.05 and prefer keep using this version, just let us know.

Thanks.

Guys, first I know that you’re on the good side. You show this by answering in a nice way. And the two deactivation per month shows that you’re understand the pure pain that software activation do to honest customers too.

But yes I have to show you that there are people out there who are really really annoyed by such designs. And especially that it’s not a nice move to change a product in this way and remove the old one from the account. I would never have bought it with the current behaviour.

I’m not a crazy person, but I’m working in the IT security field. And yes I think a lot of current designs can be lead to a larger chance of threats, as mistakes can always happen, like the provided link shows. And extrapolate what happens when everyone does it. I have about 50 plugins I guess. That means a lot of connections when everyone does it.

I see no problem with accessing DLC on a server or so when you want it to use. I see no problem when you have an installer software that is explicitly started by you from time to time to make updates. But I see a problem when a plugin establish a connection as soon as you start it like Kick2 1.1 does. You have no choice besides not using Kick2 1.1 and it’s not transparent what happens to the user.

And as it was given as an example. Not a single Native Instruments plugin I know does this. Even most plugins that you have to activate online are silent after that activation. So far I noticed only very few plugins who always establish a connection on start. And not all but most of them can even disable it in the options.

@bryan_spence: Thanks for the offer. But is there a reason it’s removed from my account? I will have a quick look at my backups tomorrow, maybe I have an 1.05 version somewhere. I have only stored my license currently on my pc because I never thought that I lose access to the installer. I will let you know in case I don’t find it. Thanks again.

Cheers

We aren’t forcing you to update to this new system - you can continue to use the existing v1.05 which does not call home if you wish to do so.

Just to be clear we haven’t intentionally removed v1.05 from your account, it’s just how our current setup works - we replace the existing version with the latest version. I will certainly get an “Archived Versions” added so that you can continue to access the older copies if needs be! If you do need access to the v1.05 installer in the mean time please let me know and i’ll hook you up with a link.

Fundamentally it is for copy protection checks and for latest version releases - we only check the latest versions periodically, we can perhaps reduce the check frequency for copy protection, but we do still need to be able to do it. It is a brand new system that we have built and there will be tweaks to be made.

I am positive there are other plugins performing a call home to verify the license integrity as well. If you do not want KICK 2 to do this you could of course block internet access to your DAW and that would stop all calls to home from all plugins.

We have built offline activation into the plugin for this very specific use ( so that offline devices can also be activated )

Ok. Thanks for the clarification that there was no intention behind not offering the 1.05 version in the account. I understand that currently only the last version is shown in the account. But please understand also how this whole situation can be understood by a 3rd person.

By the way. I found a 1.05 version in my backup and I will stick with it. Therefore I don’t need a link currently. An archived versions would be handy, though.

I appreciate it very much that you take the time here to answer so detailed, but let us just agree that we disagree on net connectivity and plugins topic. An regarding copy protection. I’m pro copy protection and anti-piracy, but we have to think about how these system will be usable in the future.

Currently I’m more and more annoyed by invasive or complicated copy protection systems out there. It feels more like a punishment to buy software these days sometimes. But there are luckily still enough companies out there which offer minimal invasive copy protection were it’s still fun to buy stuff. That’s why I bought Kick2 in the past and would not buy it again nowadays.

Please be assured that I don’t want to offend anybody on a personal level with this topic. It’s just my honest feeling about this topic and I hope that it’s not written too harsh in tone.

Best regards,
rmai

Hey @rmai

OK, glad to know that you have a v1.05 backup that suits your needs then.

Some little talk again on this : first of all nothing offending here for S.A I think it’s a good point to discuss and an interesting subject to bring on the table, that’s also the reason to have a forum.

Again, I can grab the concern about those intrusive behaviors but what I see from the market is that we’re completely going in the other direction and that’s also due to the fact that people are asking for it. As an example, Slate Digital and others just announced that you could now get rid of the physical iLOK Dongle and use a software cloud solution. You have to move back your licenses from iLOK & Cloud when ever you want to use one or the other. Sound crazy but people have been yelling at the dongle thing for quite a time.

I use a lot of 3thrd party plugins and I sometimes received inquiries & surveys. Many companies are starting to ask if people are for center app installer, remote update version check and updates, online activation… and guess what, people response is positive because it makes life easier and they don’t fill concern by security. Next to that and for a long time, if not all plugins are obviously calling home on port 80 that some people dislike, you’ll be amazed of the number of plugins making request on port 443.

So unfortunately, companies & developers would have to cope with those new features and the surveys are reflecting that they are willing to do so because it will be soon a kind of new “standard” and needed feature and people would disregard plugins that won’t offer those in the end, just because the security concern is not what strike them first.

So yep, it’s an all topic on it’s own and the pro & cons could take like for ever but IMHO, future is not going to be based on the perfect safe isolated computer & software solution and at a certain point you’ll have no other choice that keeping using an old version feeling more safe but lacking new features & improvements or making the move.

That is just my opinion and how I personally see things going on, it will certainly be hard for companies to stay behind the masses tendencies & requests.

Cheers !

Hi,

I’ve kind of been out of the loop for a while. Can someone briefly explain what the fuss is? As far as I can tell from the changelog the connectivity is basically just update checks, no? Is there some kind of system that requires internet connection or communication with SA servers to maintain license validity or something?

I mean, I can understand someone wanting their software to remain unconnected for security reasons, but why not just disconnect from the internet when using your DAW then? AFAIC this is only really a problem if there’s some kind of intrusive copy protection tied into it.

What has changed is that you can now authorize Kick 2 v.1.1 by logging to your S.A Account from the plugin, no need to use the older key file system like it was done until v1.05. You can also manage your devices ( up to 2 ) on which Kick 2 is authorized ( a new tab “My Devices” is also present in your user account area on S.A website ). You are also now able to get notification & updates check directly from the plugin GUI.

Beside this new method introduced with v1.1, you have also the option for offline activation, so IMO it should fit everyone’s need depending if you want to keep your dedicated studio machine disconnected from the net or not.

Thanks for the explanation. Not a big deal to me. Lots of companies have this sort of activation system.

Only thing that stinks is a little is the two activation limit since AFAIK with the old keyfiles the limit either wasn’t there or wasn’t enforceable. I don’t need more than two active devices, so it doesn’t affect me for now but it’s deservedly unpopular for licensing systems become more restrictive to paying users when–let’s be honest–it will most likely not affect the ease of access for non-paying users at all.

Overall I like the update though. I’d been unknowingly on 1.04 this whole time, so there are lots of nice little improvements for me to enjoy. The text and menus look better too.

This limitation to authorize only 2 devices was already there in previous version using the key file, so nothing has been downgraded regarding this [quote=“Razzia, post:10, topic:34521”]
Overall I like the update though. I’d been unknowingly on 1.04 this whole time, so there are lots of nice little improvements for me to enjoy. The text and menus look better too.
[/quote]

Nice to read this, there’s also new GUI Size options from 75% to 400% accessible in the “Settings” now, so yes, overall I think it was a nice update and that the new activation & notification is really not intrusive or going against the user or performances