Re^3: An obfuscation script, and a question

[Added I figured I'd also note that I do like obfuscated perl. Why else create Allen Ginsberg - Is About?]

I was referring to the programs you are delivering as obfuscated source code to paying customers when I made the comparison to free software. I'm wearing two hats here - free software ~~user~~ user/developer in the evenings and corporate application ~~programmer~~ developer during the day time.

Of the times when I've had bugs in the commercial software I use (during the day, obviously) I don't know how many times I could have fixed the thing myself if the vendor had provided it with source code. Months have gone down the drain trying to work around bugs and trying to document the bugs so product support can duplicate them (and hopefully fix them as well). Of all the things I really hate, its trying to deal with bugs in closed source software. You could just continue the trend and not provide the source but that's making someone else's life harder. In fact, with obfuscated perl that's all it does since the skill level required to debug a compiled program versus an obfuscated perl program is an order of magnitude apart (having done both I think I can comment).

I recently had to fix a bug where HitBox JavaScript code was breaking part of an intranet web application (interactions via the onLoad handler). In this case the HitBox software is delivered as a text file containing obfuscated JavaScript code and some user documentation describing some global variables (among other things). This had me swearing the entire time because I just couldn't (and still can't) believe the gall of HitBox to provide obfuscated source code. In this case it is merely time consuming (it took me an hour or so) to get a readable source back. HitBox took our money for a product that didn't work in our environment and then I spent my time undoing their obfuscation just so I could fix the damn thing. At least they could have respected me and my employer enough to just give us the source outright.

So perhaps I see it as a respect issue. You disrespect your customer when you deliberately make life hard for them. But then I don't sell software so perhaps you've found that providing the source just means your work is ripped off. So perhaps it puts a smallish obstacle in front of your dishonest customers and actively disrespects your honest customers. I choose to disagree with you on whether this makes business sense or not.

As an open source programmer I don't think I need to prove my credentials to you or anyone. I spend almost every evening and weekends with my time split between activism and the coding to support that activism. If you really want to know what I'm spending my time coding I'll elaborate but I don't think that's relevant here.

Seeking Green geeks in Minnesota

Comment on Re^3: An obfuscation script, and a question

Replies are listed 'Best First'.
Re: Re^3: An obfuscation script, and a question by Anonymous Monk on Mar 14, 2003 at 00:10 UTC
Your latest post seems to me far more appropriate to the very intelligent person that you are. Seeing that you develop closed apps 9-5, you must therefore understand that is sometimes necesary in order to feed your family. As someone else noted, not all of us can mak a living from the royalties of on book, like Larry has managed to do. Myself, I write open source code 40 hours per week and make my living doing installation and configuration of my software. In the 13 years I've been coding, I've written precisely 3 proprietary apps. The other hundereds of programs have been open source, even little utility programs like this obfuscater that I write for my own use - as soon as I wrote it I found a place to post the source for others to use. I was then criticized for making my obfuscater available to you and others. 2 of the 3 programs that I have kept proprietary have been implementations of new security methodologies that I have developed. Given the precise nature of these two specific programs their utility is greatly enhanced by making their operation non-obvious. (That may not apply to a lot of security schemes, but in these two specific cases it's true.) Both have also been methodologies that I have spent months developing and must be paid for if I'm to pay my rent. Specically, this script I'm obfuscating now has taken me close to a year to develop. During that time my rent has gotten 3 months past due. If I'm to be around to develop anything, I have to have users of this software pay for it. That's reality. These scripts are designed to let a company protect their confidential data. If they want to save thousands or millions by using my software, I think it's reasonable to expect them to pony up $50 to help cover the cost of development. It's also a fact that other companies have attempted to steal both of my security technologies while my products were still in beta. That's not a theory - that's hard reality for me. My family is about to be homeless while some jerk is making big money stealing my technology that I spent a year developing. I don't intend to make that any easier than necesary. It would be nice if everyone were trustworthy, but that's not reality. So while you are taking a break from your full time job developing proprietary software please don't spend that precious time criticizing me for giving away my obfuscater. I would perhaps be more receptive to your ideas of you actually helped someone else by suggesting ways to obfuscate that one line, but if you are only here to stroke your own ego and show off then please share your thoughts with your fellow full time proprietary coders around the office and not bother those of us who eek out a living giving our work away. Ray	[reply]
Re^5: An obfuscation script, and a question by diotalevi (Canon) on Mar 14, 2003 at 00:32 UTC
When I immediately responded it was to the query "help me obfuscate my source code so I can sell licenses". I haven't been at this for thirteen years - heck, I'm only twenty-six years old thus far and prior to being a (paid) programmer was all manner of retail clerk (and eventually a phone soliciter for a marketting company). I don't make my living and feed my family (two dogs, three cats and a roommate who is between jobs) by selling licenses and when I deal with obfuscated code on the job there is a distinct problem involved. When I go home and program its with a political bias which again leads me to deprecate closed or obfuscated source programs. All this really means is that for both you, me and the average person involved in technology there is a social context to our questions. When people post questions that are supportive of spamming operations they tend to be removed or not responded. Similarly, there is a significant problem with closed and obfuscated source software and I'm sure you'll recognize the obvious bias inherent in asking a collection of open source programmers for help with keeping source code secret. The general thrust here is that I'm willing to sympathize with you especially as I don't have to deal with competitors taking my code and selling it as their own (since I don't have competitors period (all the open source software I write is oriented toward GIS and database operations for political activism and in furtherance of democracy everything is available for free)). I'll respond to your question later tonight or tomorrow. Just now my roommate wants me to come home so we can eat. Seeking Green geeks in Minnesota	[reply]
Re: Re: Re^3: An obfuscation script, and a question by Anonymous Monk on Mar 14, 2003 at 00:15 UTC
I must apologize for the tone of my last paragraph. I'm sorry, it can be extremely frustrating when you've got an eviction notice on your desk and someone suggests that you have no right to protect your your work from wholesale theft. Ray	[reply]