Forum: Ruby on Rails Distribute Rails app. without source code

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Bb5b6faf17726024081bbcb6cad71291?d=identicon&s=25 Jesús Dugarte (Guest)
on 2006-03-23 19:49
I have a commercial software that Iâ??d like to completely re-do in Ruby
on Rails, as a web application on Apache. But I donâ??t want to distribute
it with the source code. Is there any way to install/deploy and Ruby on
Rails application without the source code?

Thanks in advance,

Jesús Dugarte.-
42172acdf3c6046f84d644cb0b94642c?d=identicon&s=25 Pat Maddox (pergesu)
on 2006-03-23 20:13
(Received via mailing list)
No, unfortunately that's one of the existing shortcomings of Rails.
The #1 solution I've seen is to host it yourself..usually on a
dedicated server/VPS of your own.

Pat
38a8230ed3d5c685558b4f0aad3fc74b?d=identicon&s=25 Joe Van Dyk (Guest)
on 2006-03-23 20:16
(Received via mailing list)
On 3/23/06, Jesús Dugarte <jdugate@gmail.com> wrote:
> I have a commercial software that I'd like to completely re-do in Ruby
> on Rails, as a web application on Apache. But I don't want to distribute
> it with the source code. Is there any way to install/deploy and Ruby on
> Rails application without the source code?

This has been extensively discussed in the past on this list.  Please
check the archives.

Joe
Bb5b6faf17726024081bbcb6cad71291?d=identicon&s=25 Jesús Dugarte (Guest)
on 2006-03-23 21:09
Joe Van Dyk wrote:
> On 3/23/06, Jes�s Dugarte <jdugate@gmail.com> wrote:
>> I have a commercial software that I'd like to completely re-do in Ruby
>> on Rails, as a web application on Apache. But I don't want to distribute
>> it with the source code. Is there any way to install/deploy and Ruby on
>> Rails application without the source code?
>
> This has been extensively discussed in the past on this list.  Please
> check the archives.
>
> Joe

Thanks Joe.

I first supposed that the subject must have been discussed in the past,
but I did several searches in the forum and wasn't able to find anything
related. What should I look for in the archives?

Jesús Dugarte.-
6ef8cb7cd7cd58077f0b57e4fa49a969?d=identicon&s=25 Brian Hogan (Guest)
on 2006-03-23 21:13
(Received via mailing list)
You could, theoretically, make people pay for the source to your
application. There's lots of ASP applications out there.

It just comes down to enforcement of your license agreement.  That, or
host
it and charge people to use it, or offer to install it at their location
for
a ton of money.
E2489efc6ec10ec818b71965909ea109?d=identicon&s=25 Jin Lee (Guest)
on 2006-03-23 21:17
(Received via mailing list)
Try searching for "compiler" and "obfuscate" - I did in my gmail search
box
and found alot of results.

Jin
Bb5b6faf17726024081bbcb6cad71291?d=identicon&s=25 Jesús Dugarte (Guest)
on 2006-03-24 02:10
Pat Maddox wrote:
> No, unfortunately that's one of the existing shortcomings of Rails.
> The #1 solution I've seen is to host it yourself..usually on a
> dedicated server/VPS of your own.
>
> Pat

Is it planned that Rails has a way to do that in the future?

Jesús Dugarte.-
24e30ea2f4bfda89a9a915dd18247d05?d=identicon&s=25 Jeremy Huffman (Guest)
on 2006-03-24 02:30
(Received via mailing list)
I'm curious, are you worried about IP theft (people stealing and
selling your product rebranded ) or loss of service dollars as the
internal IT staff can make enhancements themselves?

I'm just curious because the advent of distributing machine code was
more of a convenience and not conceived as a way to ward off IP theft
- nor is it immune to such threats. I doubt many in the ruby/rails
community see it as a weakness that they should concern themselves
with.

Machine or binary or obfuscated code is not secured code that you can
be prevented from tampering with, so you must just be talking about
making it difficult for the average user to adapt your code to their
own uses without your own compensation. I would recommend instead that
you focus on your value proposition as a servicer to the ordinary
user.

On 3/23/06, Jesús Dugarte <jdugate@gmail.com> wrote:
>
> --
> Posted via http://www.ruby-forum.com/.
> _______________________________________________
> Rails mailing list
> Rails@lists.rubyonrails.org
> http://lists.rubyonrails.org/mailman/listinfo/rails
>


--
Jeremy Huffman
http://www.jeremyhuffman.com
Bb5b6faf17726024081bbcb6cad71291?d=identicon&s=25 Jesús Dugarte (Guest)
on 2006-03-24 05:25
Good question.

First of all, youâ??ll have to forgive me: Iâ??ve been in the
â??closed-sourceâ? development business for too long, and when it comes to
freely distribute my source code, my mind just freaks out. Old habits
take long to disappear. Iâ??ve been hearing and reading about the open
source movement for some years now, but only recently (a year or so) I
started doing some php, mysql, apache and the likes. And Iâ??m thrilled, I
must say :-D

To your question: Yes, I have to confess that the first thing that comes
to my mind when I think of leaving the source code of an application to
the hands of a user/customer is the possibility of my product being
â??stolenâ?. Hence, the question I originally posted.

I have found several articles in the past months going along with what
you say (â??focus on your value proposition as a servicerâ?), and that, I
have to say, represents a big change in my conception of what my
business is. It takes time to digest, but Iâ??m trying to catch up with
the idea.

I only starting with Ruby, and with Rails, and I donâ??t have enough
knowledge or experience about them as to point weaknessesâ?¦ yet ;-) I
mean, my original question wasnâ??t intended as a critic of these
products. On the contrary, I found myself falling in love with them as
an irresponsible teenager ;-)

I appreciate your advice. I will certainly keep in mind.

Jesús Dugarte.-

P.D.: English is not my mother tongue, so please be gentle with this
post :-)


Jeremy Huffman wrote:
> I'm curious, are you worried about IP theft (people stealing and
> selling your product rebranded ) or loss of service dollars as the
> internal IT staff can make enhancements themselves?
>
> Jeremy Huffman
> http://www.jeremyhuffman.com
C1e5a9e9344b6d31b9df7303e6dc378a?d=identicon&s=25 Craig White (Guest)
on 2006-03-24 05:41
(Received via mailing list)
On Fri, 2006-03-24 at 05:25 +0100, Jesús Dugarte wrote:
> To your question: Yes, I have to confess that the first thing that comes
> I only starting with Ruby, and with Rails, and I donâ??t have enough
> post :-)
----
it is an interesting posture to take...using free tools such as Apache,
ruby, rails, mysql etc. and creating source code that no one else is
supposed to see.

As for the value proposition...that seems obvious to me - it is more
valuable to my customers to have full access and control over the source
code - they are paying for it - they deserve it. If I am unable to
provide the value for my time/efforts, compiled, encrypted,
undecipherable code doesn't enhance my prospects for keeping a good
relationship with my client anyway.

Craig
Bb5b6faf17726024081bbcb6cad71291?d=identicon&s=25 Jesús Dugarte (Guest)
on 2006-03-24 14:54
Jeremy Huffman wrote:
> I'm curious, are you worried about IP theft (people stealing and
> selling your product rebranded ) or loss of service dollars as the
> internal IT staff can make enhancements themselves?
>
> On 3/23/06, Jes�s Dugarte <jdugate@gmail.com> wrote:
>
> --
> Jeremy Huffman
> http://www.jeremyhuffman.com

After a good night sleep I woke up this morning still thinking about
your question. Where I live and work (Venezuela), there are two
situations that arenâ??t very unlikely to occur, being piracy software a
very profitable business as it is here:

-	I walk into a company office (not one of my costumers), for whatever
reason, and find my product installed in a computer.
-	Someone calls me (not one of my costumers again) very aggravated,
complaining about my product, company or service quality, because some
non-identified technician installed my product in his/her company, and
something is wrong (whereas the product is malfunctioning due to poor
support, or this â??non-identified technicianâ? disappeared out of the blue
leaving them without support -and suddenly that is our fault-, etc.)

These situations have actually happened to me and my company in the past
and, besides the fact that Iâ??m flattered that my products might be as
popular as to be the target of the piracy business ;-), they may (and
has in some cases) damaged the image of my company, product or service.
Thatâ??s when we decided to go with a software key licensing system to
protect our products.

I understand that now, with open-source tools, web application and so,
this scenario is changing radically for us. Weâ??ve been using open-source
tools to do development outsourcing, and that has helped us reduce
development cost, deliver products faster, and sell services more
adapted to the current needs of our costumers. What I want to do now,
given these experiences, is to migrate our products to this
all-new-for-us scenario. Not the products or services we sell (with code
source and all), but the software products weâ??ve been licensing for some
10 years now. And thereâ??s when the fear to the situations I mentioned at
the beginning shows up.

Iâ??m not saying â??I wonâ??t do it unless a can compile/obfuscate my source
code�. Not at all. I will do it *despite* my fears and old habits, just
because Iâ??m thrilled and excited with the technology and the
possibilities (for fun :-) and for business) it gives me.

My question is: Does this happen to you in the open source community? Do
you get these piracy/fears situations? How do you handle it?

Thanks again,

Jesús Dugarte.-
4005a47a8f2ceee49670b920593c1d52?d=identicon&s=25 Ben Munat (Guest)
on 2006-03-24 17:14
(Received via mailing list)
Jesús Dugarte wrote:
> My question is: Does this happen to you in the open source community? Do
> you get these piracy/fears situations? How do you handle it?

1. No.

2. No.

3. There's nothing to handle... other than prominently displaying the
following[1] on your
site and in your code.

b

[1] http://www.gnu.org/licenses/gpl.txt

(Pay particular attention to item 11.)
4daf0b71d5d9a3882e583c0e72eaf5dc?d=identicon&s=25 Alan Francis (Guest)
on 2006-03-24 17:40
Jesús Dugarte wrote:

> My question is: Does this happen to you in the open source community? Do
> you get these piracy/fears situations? How do you handle it?

SOmething like Mint (www.haveamint.com) is a for-sale, pay-your-money
webapp written (I think) in PHP.  It might be worth your while contacing
Shaun Inman and asking him about this.

Open Source and/or Free Software (the GNU licence ben mentioned) is a
*very* different thing from buying a product with a commercial licence
that just happens to have human-readable code.

You don't have to be OpenSource, or go with GNU, just to ship your app.
These are types of licencing, not types of packaging.  You can just as
eaisly sell your product with your own terms and conditions saying it's
not for redistribution.  You've obviously had stuff pirated before, and
presumably were able to take legal action to protect yourself and your
work.  The source being copied around isn't really any different from
the binary being copied around.

A.
4daf0b71d5d9a3882e583c0e72eaf5dc?d=identicon&s=25 Alan Francis (Guest)
on 2006-03-24 17:44
Alan Francis wrote:
> SOmething like Mint (www.haveamint.com) is a for-sale, pay-your-money
> webapp written (I think) in PHP.  It might be worth your while contacing
> Shaun Inman and asking him about this.

The mint licence is here: http://www.haveamint.com/license


some excerpts:

"This Agreement grants a non-exclusive, non-transferable license to
install and use the Software on a single Website. Additional Software
licenses must be purchased in order to install and use the Software on
additional Websites. The Author reserves the right to determine whether
use of the Software qualifies under this Agreement. The Author owns all
rights, title and interest to the Software (including all intellectual
property rights) and reserves all rights to the Software that are not
expressly granted in this Agreement."

"You may not:
Distribute derivative works based on the Software...
Reproduce the Software except as described in this Agreement;
Sell, assign, license, disclose, distribute, or otherwise transfer or
make available the Software or its Source Code, in whole or in part, in
any form to any third parties;
Use the Software to provide services to others;
Remove or alter any proprietary notices on the Software"


As far as I can see the fact that someone can read the code here makes
it easier for them to diagnose a bug and submit a fix to Shaun, but
other than that they have no more stopping them from piracy than someone
who buys a C++ application.

Alan
55428cbf149e35dd4b65f1d019d04139?d=identicon&s=25 Matthew Palmer (Guest)
on 2006-03-24 20:43
(Received via mailing list)
On Fri, Mar 24, 2006 at 02:54:49PM +0100, Jesús Dugarte wrote:
> After a good night sleep I woke up this morning still thinking about
> your question. Where I live and work (Venezuela), there are two
> situations that aren???t very unlikely to occur, being piracy software a
> very profitable business as it is here:
>
> -	I walk into a company office (not one of my costumers), for whatever
> reason, and find my product installed in a computer.

Sounds like an easy sale to me.  A quick explanation of the facts should
result in either money being handed over or the software removed -- or
you've got some killer evidence for an injunction and lawsuit.

> -	Someone calls me (not one of my costumers again) very aggravated,
> complaining about my product, company or service quality, because some
> non-identified technician installed my product in his/her company, and
> something is wrong (whereas the product is malfunctioning due to poor
> support, or this ???non-identified technician??? disappeared out of the blue
> leaving them without support -and suddenly that is our fault-, etc.)

Sounds like an even easier sale to me.  Sure, people are going to be
pretty
pissed off when they call you because they're being eaten alive by a
bug,
but I'm sure you deal with pissed off people on a regular basis
(unfortunate
fact of doing business, I've decided), so you should be able to calmly
explain the situation to them and sell them your support.

> These situations have actually happened to me and my company in the past
> and, besides the fact that I???m flattered that my products might be as
> popular as to be the target of the piracy business ;-), they may (and
> has in some cases) damaged the image of my company, product or service.
> That???s when we decided to go with a software key licensing system to
> protect our products.

Since a software key system will only protect you against the
incompetent
anyway, there's no reason why you can't add a key system into your Ruby
apps
-- anyone who knows what they're doing in the unauthorised reproduction
game
will get around it no matter what, and your idiots won't know Ruby well
enough to get around it anyway.

> I???m not saying ???I won???t do it unless a can compile/obfuscate my source
> code???. Not at all. I will do it *despite* my fears and old habits, just
> because I???m thrilled and excited with the technology and the
> possibilities (for fun :-) and for business) it gives me.
>
> My question is: Does this happen to you in the open source community? Do
> you get these piracy/fears situations? How do you handle it?

Since my software is (almost invariably) FOSS, I'm thrilled when people
"pirate" my code -- it's validation that I've done something useful, and
it's another potential support sale in the future.  I have had the
experience of walking into a client site and seeing something I helped
write
running on their systems, and it was a huge buzz.  I've not had a random
person call me up to scream at me for some FOSS that I helped write not
working, and I doubt it'll ever happen -- and if it does, I'll be happy
to
attempt to convince them of the practicality of a support pack with my
employer.

As other people have said, compilation/obfuscation does nothing to solve
the
unauthorised duplication problem.  A strong licence agreement, visibly
executed at the time of software installation, is probably the best you
can
do, absent a move to a hosted service business model.

- Matt
This topic is locked and can not be replied to.