Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW

Re: Protecting our work

by fizbin (Chaplain)
on Aug 27, 2005 at 13:43 UTC ( #487144=note: print w/replies, xml ) Need Help??

in reply to Protecting our work

There is another tack that a senior programmer at my job once suggested for our core software: consider it commercial but trust all of your customers to be basically honest. This is not hopelessly naive: it's based on the idea that those who really wanted to rip us off would anyway, no matter what we did, and that our customers were by and large big financial firms with regular internal audits. The upshot is that the monetary difference between "assume everyone's honest" and "lock the stuff down" was not big.

I'll note that this seems to be the approach taken by Sybase overall; the number of licenses that you have access to is just a number in a system table that anyone with "sa" access can update. I assume they've made a business decision that it's not worth a technological restriction.

Now, if your market is mostly small businesses, I can see why the "trust the customer" approach wouldn't immediately be too attractive. However, I would encourage you to consider it, or rather a simple variation: don't enforce your license with technological measures, but with legal ones. As you're doing custom development with each client (you're building them a site), I assume that you have some standard contract with that site. Add the license of the CMS into that standard contract, and make the customer sign it in person rather than having it be one of those click-through licenses that few people read.

Spell out exactly what they can and can't do, and then have a simple reminder in the source code about the terms of the license, in terms of legal boilerplate comments in each file. You might also want to add a bit in the source code so that the CMS knows which domain it's licensed for, and puts an ugly "This is unlicensed" banner at the top of each page when used on an unlicensed site. However, I wouldn't go overboard worrying technological solutions to this ultimately legal problem - legal solutions should be good enough.

@/=map{[/./g]}qw/.h_nJ Xapou cets krht ele_ r_ra/; map{y/X_/\n /;print}map{pop@$_}@/for@/

Replies are listed 'Best First'.
Re^2: Protecting our work
by bradcathey (Prior) on Aug 27, 2005 at 18:25 UTC

    Great points fizbin. Your main point, plain and simple honesty, is the way I honor the licensing for my wysiwyg editor.

    I especially like your point about Sybase's business decision. I think you implied, or if not, I will, that too many restrictions might turn off the average customer and they might go elsewhere for their solution. And it is the simplist technologically.

    "The important work of moving the world forward does not wait to be done by perfect men." George Eliot
Re^2: Protecting our work
by spiritway (Vicar) on Aug 28, 2005 at 04:10 UTC

    I think you've hit it right on the head. I once had a boss who summed it up nicely: "Locks are to keep honest people honest". A determined crook can break into your house or your software protection. Fortunately, those folks are relatively rare. The rest of us do tend to pay up, especially if it's not *too* easy to pinch a copy.

Re^2: Protecting our work
by radiantmatrix (Parson) on Aug 30, 2005 at 16:06 UTC

    Excellent points, indeed. I have said time and time again that good technological solutions to this type of issue should have but one purpose: to inform the ignorant of a potential violation.

    I believe that most people want to stay on the legal side, but I also know that something that gets passed to a friend for evaluation (a good thing, IMO) needs to have a simple control that reminds an unlicensed user that they have an unlicensed copy. This could be as simple as a UUID in a database table that indicates a licensed copy. Yeah, it's easy to bypass, but people who really don't care about licensing will find a way to bypass any control.

    By using a simple measure, you provide a gentle reminder that a user needs to license your software; however, you avoid placing an unfair onus on legitimate users of your software. But, if you don't place some kind of simple control like this, the chances are high that people who are willing to pay for the right number of licenses (etc.) will accidentally use many more than they've paid for.

    As with most things, balance is the key.

    Larry Wall is Yoda: there is no try{} (ok, except in Perl6; way to ruin a joke, Larry! ;P)
    The Code that can be seen is not the true Code
    "In any sufficiently large group of people, most are idiots" - Kaa's Law

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://487144]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (1)
As of 2017-03-25 03:31 GMT
Find Nodes?
    Voting Booth?
    Should Pluto Get Its Planethood Back?

    Results (310 votes). Check out past polls.