Distribute Rails app. without source code


#1

I have a commercial software that Iâ??d like to completely re-do in Ruby
on Rails, as a web application on Apache. But I donâ??t want to distribute
it with the source code. Is there any way to install/deploy and Ruby on
Rails application without the source code?

Thanks in advance,

Jesús Dugarte.-


#2

No, unfortunately that’s one of the existing shortcomings of Rails.
The #1 solution I’ve seen is to host it yourself…usually on a
dedicated server/VPS of your own.

Pat


#3

On 3/23/06, Jesús Dugarte removed_email_address@domain.invalid wrote:

I have a commercial software that I’d like to completely re-do in Ruby
on Rails, as a web application on Apache. But I don’t want to distribute
it with the source code. Is there any way to install/deploy and Ruby on
Rails application without the source code?

This has been extensively discussed in the past on this list. Please
check the archives.

Joe


#4

Joe Van D. wrote:

On 3/23/06, Jes�s Dugarte removed_email_address@domain.invalid wrote:

I have a commercial software that I’d like to completely re-do in Ruby
on Rails, as a web application on Apache. But I don’t want to distribute
it with the source code. Is there any way to install/deploy and Ruby on
Rails application without the source code?

This has been extensively discussed in the past on this list. Please
check the archives.

Joe

Thanks Joe.

I first supposed that the subject must have been discussed in the past,
but I did several searches in the forum and wasn’t able to find anything
related. What should I look for in the archives?

Jesús Dugarte.-


#5

You could, theoretically, make people pay for the source to your
application. There’s lots of ASP applications out there.

It just comes down to enforcement of your license agreement. That, or
host
it and charge people to use it, or offer to install it at their location
for
a ton of money.


#6

Try searching for “compiler” and “obfuscate” - I did in my gmail search
box
and found alot of results.

Jin


#7

Pat M. wrote:

No, unfortunately that’s one of the existing shortcomings of Rails.
The #1 solution I’ve seen is to host it yourself…usually on a
dedicated server/VPS of your own.

Pat

Is it planned that Rails has a way to do that in the future?

Jesús Dugarte.-


#8

I’m curious, are you worried about IP theft (people stealing and
selling your product rebranded ) or loss of service dollars as the
internal IT staff can make enhancements themselves?

I’m just curious because the advent of distributing machine code was
more of a convenience and not conceived as a way to ward off IP theft

  • nor is it immune to such threats. I doubt many in the ruby/rails
    community see it as a weakness that they should concern themselves
    with.

Machine or binary or obfuscated code is not secured code that you can
be prevented from tampering with, so you must just be talking about
making it difficult for the average user to adapt your code to their
own uses without your own compensation. I would recommend instead that
you focus on your value proposition as a servicer to the ordinary
user.

On 3/23/06, Jesús Dugarte removed_email_address@domain.invalid wrote:


Posted via http://www.ruby-forum.com/.


Rails mailing list
removed_email_address@domain.invalid
http://lists.rubyonrails.org/mailman/listinfo/rails


Jeremy H.
http://www.jeremyhuffman.com


#9

Good question.

First of all, youâ??ll have to forgive me: Iâ??ve been in the
â??closed-sourceâ? development business for too long, and when it comes to
freely distribute my source code, my mind just freaks out. Old habits
take long to disappear. Iâ??ve been hearing and reading about the open
source movement for some years now, but only recently (a year or so) I
started doing some php, mysql, apache and the likes. And Iâ??m thrilled, I
must say :smiley:

To your question: Yes, I have to confess that the first thing that comes
to my mind when I think of leaving the source code of an application to
the hands of a user/customer is the possibility of my product being
â??stolenâ?. Hence, the question I originally posted.

I have found several articles in the past months going along with what
you say (â??focus on your value proposition as a servicerâ?), and that, I
have to say, represents a big change in my conception of what my
business is. It takes time to digest, but Iâ??m trying to catch up with
the idea.

I only starting with Ruby, and with Rails, and I donâ??t have enough
knowledge or experience about them as to point weaknessesâ?¦ yet :wink: I
mean, my original question wasnâ??t intended as a critic of these
products. On the contrary, I found myself falling in love with them as
an irresponsible teenager :wink:

I appreciate your advice. I will certainly keep in mind.

Jesús Dugarte.-

P.D.: English is not my mother tongue, so please be gentle with this
post :slight_smile:

Jeremy H. wrote:

I’m curious, are you worried about IP theft (people stealing and
selling your product rebranded ) or loss of service dollars as the
internal IT staff can make enhancements themselves?

Jeremy H.
http://www.jeremyhuffman.com


#10

Jeremy H. wrote:

I’m curious, are you worried about IP theft (people stealing and
selling your product rebranded ) or loss of service dollars as the
internal IT staff can make enhancements themselves?

On 3/23/06, Jes�s Dugarte removed_email_address@domain.invalid wrote:


Jeremy H.
http://www.jeremyhuffman.com

After a good night sleep I woke up this morning still thinking about
your question. Where I live and work (Venezuela), there are two
situations that arenâ??t very unlikely to occur, being piracy software a
very profitable business as it is here:

  • I walk into a company office (not one of my costumers), for whatever
    reason, and find my product installed in a computer.
  • Someone calls me (not one of my costumers again) very aggravated,
    complaining about my product, company or service quality, because some
    non-identified technician installed my product in his/her company, and
    something is wrong (whereas the product is malfunctioning due to poor
    support, or this â??non-identified technicianâ? disappeared out of the blue
    leaving them without support -and suddenly that is our fault-, etc.)

These situations have actually happened to me and my company in the past
and, besides the fact that Iâ??m flattered that my products might be as
popular as to be the target of the piracy business ;-), they may (and
has in some cases) damaged the image of my company, product or service.
Thatâ??s when we decided to go with a software key licensing system to
protect our products.

I understand that now, with open-source tools, web application and so,
this scenario is changing radically for us. Weâ??ve been using open-source
tools to do development outsourcing, and that has helped us reduce
development cost, deliver products faster, and sell services more
adapted to the current needs of our costumers. What I want to do now,
given these experiences, is to migrate our products to this
all-new-for-us scenario. Not the products or services we sell (with code
source and all), but the software products weâ??ve been licensing for some
10 years now. And thereâ??s when the fear to the situations I mentioned at
the beginning shows up.

Iâ??m not saying â??I wonâ??t do it unless a can compile/obfuscate my source
code�. Not at all. I will do it despite my fears and old habits, just
because Iâ??m thrilled and excited with the technology and the
possibilities (for fun :slight_smile: and for business) it gives me.

My question is: Does this happen to you in the open source community? Do
you get these piracy/fears situations? How do you handle it?

Thanks again,

Jesús Dugarte.-


#11

Jesús Dugarte wrote:

My question is: Does this happen to you in the open source community? Do
you get these piracy/fears situations? How do you handle it?

  1. No.

  2. No.

  3. There’s nothing to handle… other than prominently displaying the
    following[1] on your
    site and in your code.

b

[1] http://www.gnu.org/licenses/gpl.txt

(Pay particular attention to item 11.)


#12

On Fri, 2006-03-24 at 05:25 +0100, Jesús Dugarte wrote:

To your question: Yes, I have to confess that the first thing that comes
I only starting with Ruby, and with Rails, and I donâ??t have enough
post :slight_smile:


it is an interesting posture to take…using free tools such as Apache,
ruby, rails, mysql etc. and creating source code that no one else is
supposed to see.

As for the value proposition…that seems obvious to me - it is more
valuable to my customers to have full access and control over the source
code - they are paying for it - they deserve it. If I am unable to
provide the value for my time/efforts, compiled, encrypted,
undecipherable code doesn’t enhance my prospects for keeping a good
relationship with my client anyway.

Craig


#13

Alan F. wrote:

SOmething like Mint (www.haveamint.com) is a for-sale, pay-your-money
webapp written (I think) in PHP. It might be worth your while contacing
Shaun Inman and asking him about this.

The mint licence is here: http://www.haveamint.com/license

some excerpts:

“This Agreement grants a non-exclusive, non-transferable license to
install and use the Software on a single Website. Additional Software
licenses must be purchased in order to install and use the Software on
additional Websites. The Author reserves the right to determine whether
use of the Software qualifies under this Agreement. The Author owns all
rights, title and interest to the Software (including all intellectual
property rights) and reserves all rights to the Software that are not
expressly granted in this Agreement.”

“You may not:
Distribute derivative works based on the Software…
Reproduce the Software except as described in this Agreement;
Sell, assign, license, disclose, distribute, or otherwise transfer or
make available the Software or its Source Code, in whole or in part, in
any form to any third parties;
Use the Software to provide services to others;
Remove or alter any proprietary notices on the Software”

As far as I can see the fact that someone can read the code here makes
it easier for them to diagnose a bug and submit a fix to Shaun, but
other than that they have no more stopping them from piracy than someone
who buys a C++ application.

Alan


#14

On Fri, Mar 24, 2006 at 02:54:49PM +0100, Jesús Dugarte wrote:

After a good night sleep I woke up this morning still thinking about
your question. Where I live and work (Venezuela), there are two
situations that aren???t very unlikely to occur, being piracy software a
very profitable business as it is here:

  • I walk into a company office (not one of my costumers), for whatever
    reason, and find my product installed in a computer.

Sounds like an easy sale to me. A quick explanation of the facts should
result in either money being handed over or the software removed – or
you’ve got some killer evidence for an injunction and lawsuit.

  • Someone calls me (not one of my costumers again) very aggravated,
    complaining about my product, company or service quality, because some
    non-identified technician installed my product in his/her company, and
    something is wrong (whereas the product is malfunctioning due to poor
    support, or this ???non-identified technician??? disappeared out of the blue
    leaving them without support -and suddenly that is our fault-, etc.)

Sounds like an even easier sale to me. Sure, people are going to be
pretty
pissed off when they call you because they’re being eaten alive by a
bug,
but I’m sure you deal with pissed off people on a regular basis
(unfortunate
fact of doing business, I’ve decided), so you should be able to calmly
explain the situation to them and sell them your support.

These situations have actually happened to me and my company in the past
and, besides the fact that I???m flattered that my products might be as
popular as to be the target of the piracy business ;-), they may (and
has in some cases) damaged the image of my company, product or service.
That???s when we decided to go with a software key licensing system to
protect our products.

Since a software key system will only protect you against the
incompetent
anyway, there’s no reason why you can’t add a key system into your Ruby
apps
– anyone who knows what they’re doing in the unauthorised reproduction
game
will get around it no matter what, and your idiots won’t know Ruby well
enough to get around it anyway.

I???m not saying ???I won???t do it unless a can compile/obfuscate my source
code???. Not at all. I will do it despite my fears and old habits, just
because I???m thrilled and excited with the technology and the
possibilities (for fun :slight_smile: and for business) it gives me.

My question is: Does this happen to you in the open source community? Do
you get these piracy/fears situations? How do you handle it?

Since my software is (almost invariably) FOSS, I’m thrilled when people
“pirate” my code – it’s validation that I’ve done something useful, and
it’s another potential support sale in the future. I have had the
experience of walking into a client site and seeing something I helped
write
running on their systems, and it was a huge buzz. I’ve not had a random
person call me up to scream at me for some FOSS that I helped write not
working, and I doubt it’ll ever happen – and if it does, I’ll be happy
to
attempt to convince them of the practicality of a support pack with my
employer.

As other people have said, compilation/obfuscation does nothing to solve
the
unauthorised duplication problem. A strong licence agreement, visibly
executed at the time of software installation, is probably the best you
can
do, absent a move to a hosted service business model.

  • Matt

#15

Jesús Dugarte wrote:

My question is: Does this happen to you in the open source community? Do
you get these piracy/fears situations? How do you handle it?

SOmething like Mint (www.haveamint.com) is a for-sale, pay-your-money
webapp written (I think) in PHP. It might be worth your while contacing
Shaun Inman and asking him about this.

Open Source and/or Free Software (the GNU licence ben mentioned) is a
very different thing from buying a product with a commercial licence
that just happens to have human-readable code.

You don’t have to be OpenSource, or go with GNU, just to ship your app.
These are types of licencing, not types of packaging. You can just as
eaisly sell your product with your own terms and conditions saying it’s
not for redistribution. You’ve obviously had stuff pirated before, and
presumably were able to take legal action to protect yourself and your
work. The source being copied around isn’t really any different from
the binary being copied around.

A.