ComponentSoft.NET's components are based on stolen code: The evidence
ComponentSoft name confusion
This page is about ComponentSoft.NET fraud.
A ComponentSoft.IO is a completely unrelated, legitimate company and is not involved in this case.
Updates
2010-07-01 ComponentSoft.NET website is down for a day.
2010-06-19 ComponentSoft created bunch of link-bait blogs on posterous. Content is copied from their primary website and from Rebex tutorials.
2010-03-? CodeUltimate brand was
abandoned and the website now redirects to ComponentSoft.NET
Table of content
Summary
Most ComponentSoft.NET components are based on code stolen from other vendors.
They differ in some namespace, class and method names (to masquarade the similarity),
but are otherwise identical internally. The following table summarizes the details:
Component list
| ComponentSoft.NET's name |
Original Vendor |
Contains code from |
| Ultimate Ftp Expert |
Rebex |
Rebex File Transfer Pack |
| Ultimate Studio |
Rebex + others |
Parts of Rebex Total Pack +
components from other vendors |
| Ultimate NetKit |
Rebex + others |
Parts of Rebex Total Pack +
components from other vendors |
| Ultimate Ftp |
Rebex |
Rebex FTP |
| Ultimate SFTP |
Rebex |
Rebex SFTP |
| Ultimate SSH Shell and Telnet |
Rebex |
Rebex Telnet
and Rebex SSH Shell |
| Ultimate Mail |
Rebex |
Rebex Secure Mail |
| Ultimate Mail Template Engine |
Rebex |
Parts of Rebex Secure Mail |
| Ultimate Bounce Inspector |
Rebex |
Parts of Rebex Mail |
| Ultimate Email Validator |
Rebex |
Parts of Rebex Mail |
| UltimateMailMerge Suite |
Rebex |
Parts of Rebex Mail |
| Other |
|
Rebex is not the only vendor whose code was misused
by the scammers. Some of the components released by this scammer in the past infringe
on intellectial property owned by ComponentAce and
ComponentSpace.
You are advised to contact these companies if in doubt.
|
Hidden real company name and address
It looks like the con-artists behind Safabyte, ComponentForge decided that putting
a new API on top of code stolen from Rebex (did than last time with XtraComponents)
was not such a great idea after all. Instead, they decided to start over again with
a new brand. In February, they launched a new website at CodeUltimate.com,
but less than two months later, they finally settled on
calling themselves ComponentSoft.net. They even got a brand-new website design
this time. But the very stealthiness and secrecy they engage in is what revealed
them again.
Let's look closer:
- They never reveal their real company name and address. When pressed through their
transaction provider, they implicitly confirmed that they are not a US-registered
company, yet fail to mention this on their website. Instead, they still present
themselves as "ComponentSoft, a division of ATP, Inc.,
located in Walnut, California" while in fact they appear to be a division
of "ATP Technology, JSC located in Ha Noi, Vietnam".
ATP, Inc. also exists (and is linked to a Vietnamese-sounding name),
but it's unclear whether they have anything to do with ComponentSoft who don't even link to them.
- Their website states they are a Microsoft Certified Partner. Microsoft does not
know such company in either California or Kentucky. This alone is suspicious.
Microsoft sais that they have no record of them. When you ask ComponentSoft,
they provide a link to their MSDN profile and say they were certified
under ATP Tech. After checking with Microsoft again, you'll find that ATP Tech in Vietnam
is listed as a Hardware Partner only.
- Their domain name was aquired on 2010-03-29 and registered anonymously. See ComponentSoft.NET
WHOIS history records (items in red are anonymous registrations). After publishing
our blogpost about he ComponentSoft.NET scam at 2010-06-08,
they changed the registration to the a non-existent entity (ComponentSoft) (see WHOIS record from 2010-06-25). This alone makes them suspicious. Why would
a reputable company do this?
Public API similarities
API of many of their components look just like Rebex API with renamed classes. Some
parts were added, changed or removed, but the core functionality is the same. There
are even some identical bugs!
To check out the details, download the current trial build from ComponentSoft.NET website
and let us know. We'll send you the evidence.
Component internals similarities
Still not convinced? Then just use .NET Reflector to compare the assemblies. The
code in the first picture was written by Rebex. It is a part of SshSession.SendPacket
method. An identical code was found in ComponentSoft's UltimateSftp.dll assembly
(the second picture):
The tricksters at ComponentSoft will undoubtedly modify the stolen version
of SshSession.SendPacket as soon as they become aware of this page, but it doesn't really
matter. Most of the code in a majority of their components come from Rebex, so we can
simply find another example in that case. Just let us know if you need additional information
to do your own analysis.
False testimonials and forum posts
The testimonials at their website never mention anyone who could be easily contacted to
verify them. In fact, many of these testimonials look copy&pasted from other companies'
websites. Just try to google some of the names and testimonial texts. Just leave out the ComponentSoft
name and you'll be surprised. Or even better - try to contact the happy users. ComponentSoft.NET should
be happy to assist you if these testimonials were valid.
- Many of their forum posts are from 2009 and still mention ComponentSoft. This is strange,
because the domain name was only registered in March and previously belonged to a different entity.
In fact, these forum posts were simply recycled from forums of their previous incarnations - unsurprisingly,
they treat their customers' support request and nicknames just like other people's
source code.
Company history
The code is the same and the components are similar. Who is the original, genuine vendor
and who is a scammer?
Compare the company history and reputation:
|
ComponentSoft
|
Rebex
|
- The testimonials at their website never mention anyone who could be contacted
to verify them.
- No online mentions about ComponentSoft.NET before 2010.
- No real company behind website. The company they claim to be a part of is located in Vietnam,
yet they pretend to be a US-based endity at their Contact Us page.
- They claim that they are Microsoft Partner but Microsoft doesn't know about it.
|
- Founded in 1995.
- The Internet Archive (web.archive.org) houses
archived versions of rebex.cz from 1997-today (software consulting division)
- The Internet Archive (web.archive.org) houses
archived versions of rebex.net from 2002-today (.NET components). Both websites
are still active today.
- Rebex have always been located in Prague, Czech Republic and is not hiding this.
- Testimonials are bound to verifiable sources.
- Oldest known external reference: A vetaran user at forums.asp.net (with more that
45000 post points) recommended Rebex FTP component in July 2003. [link]
[screenshot].
- Rebex has been selling components via ComponentSource since 2004.
|
Read more:
FAQ |
Evidence |
Get a genuine version |
Contact