really? you honestly don't see how a school allowing their students to sell their technical partner's (not public[1]) content is relevant?
[1]: pre-emptive reply: no, it's not public, half the article is talking about how he's circumventing their authentication system. this is NOTHING like a news aggregator.
> allowing their students to sell their technical partner's content
He isn't selling their technical partner's content. He is selling the reader, the content is already freely available to whoever can use the app anyway via a browser and their login credentials. There is a big difference.
i don't think there is a big difference. without their content[1], his app is nothing; the web browser is still a web browser.
[1]: it's irrelevant whether the school or the partner owned it, he did it without permission (and i highly doubt the reader has the license to do whatever they wanted with that data either).
You must be reading a different article. The OP does not circumvent authentication in any way. The OP caches it... that's it. And, that was only for some of the data, not the entire app.
since we've established the data is not public, and is in fact restricted and controlled, how is it anything "mostly like" hacker news? hacker news does not store your NYtimes username and password, scrape the NYTimes site for an auth token, make a login request on your behalf to copy that article and display it, in full text stripping out the NYTimes attribution and branding, on hacker news.
what would happen if they did is a thought experiment i'll leave up to you.
if you weren't aware, many school districts partner with a private firms for technical services... which include things like selling the school a web site.
what i'm saying is no, the school didn't reject this app... their partner – your competition – did.
edit: oh wow, i've realized i had missed half the article (i stopped reading at the first screenshot)... you're charging for an app that stores passwords, scrapes 3rd party content, practically bragging about how you removed the company and school's branding... and you're upset?
Educacional is their provider for some online content (mainly games and similar stuff for young kids to have IT lessons). The grades db, memos and so on are managed by the school itself, and the news as well. Educacional, as far as my app is concerned, is simply a gateway for getting authentication tokens to /those/ services which I actually use.
And, the app that I mentioned in the article (which could be considered as a competitor of sorts) is also being developed by the school itself.
Their app's feature set consists of contact information, maps to the school, a gallery of static photos about the school, and webviews that display their website's content directly. It doesn't even comprise grades, memos and so on, which is what my product's focus is. That's why I don't think that's the reason.
So, you requested written permission... didn't get it... charged for your app... and now they are just a bunch of luddite meanies turning you into an evil villain instead of fawning all over you?
You are serving as a proxy for credentials into a system where the school is legally liable to protect the privacy of the students, families, and staff. Yeah. You get shut down NOW. It doesn't matter where your code is or how great your work is. you are taking control of something that they are required to protect.
If someone can hack iOS or your app and steal credentials, who's ass is on the line for discovering, disclosing, remediating, rebuilding trust, resigning, etc.? All those people have enough work without your app. They are responsible for what they create. They can't be responsible for your work. If they knowingly let it exist, they will have to take responsibility for any fallout that may come from it.
Who is going to be handling all the calls when people change their passwords at the site, but your app locks their accounts out by trying to use the cached credentials?
They have plenty to lose with your app. You are learning many things.
I think there are tons of valid reasons why the app should be shutdown. The OP mentions some of them as well. What he finds ridiculous is that of all the things the school could object to, they complained about "copyright infringement" , saying that you're displaying our data to the people who it is meant for, who are authorized to view it.
But it sounds like the app isn't doing anything a web browser couldn't do. This is a recurring theme among authoritarians now: take something that a web browser does, and argue that because it's being done outside of a web browser, somehow that's wrong. Look at weev; that's exactly what he did (there are certainly other aspects, but it was one used to scare the court and the aspect that the prosecutor willfully failed to understand).
"All those people" are responsible for a public API; in this case, it is a text-based api over HTTP only, meant for human consumption, but it's an API nonetheless. This app does not bypass that API. If they don't like how the API is being used, they need to change it; but of course you can't close it completely. This is the analog hole of the Internet.
Web browsers are just a client for that particular kind of API. It's ridiculous to limit which clients can access an API, as long as they do so correctly. Of course, you can make it difficult or impossible for unapproved clients to access the API, that will achieve the goal; that's what DRM does. But by not putting those controls on the API you're allowing new competing clients to connect with it.
You can try to recontextualize it to suit some internal need of yours to feel OK or good about something being bent to suit another purpose. That doesn't change the copyright in spirit or in law.
It's not a public API meant for human consumption. It's a viewstate object, which is meant for currying data back and forth inside controls, etc. in an ASP.Net application. It's not an API. He had to hack that format which is feasibly a DMCA violation as well.
Weev would be a horrible example to bring up.
I'm not sure we're going to close a gap here if you feel all copyright is stripped the moment data can be presented in an anonymous user's browser.
> our notice told Vivint it was for unnatural/spammy links to their site. It's really not hard to find these spammy posts, so I'm not sure where the disconnect happened.
the disconnect probably happened because you feel that telling people through an internal tool is adequate.
