Hi Leon,

Thanks for the notes, may be parallel to our sales we may spend some time on
the points you mentioned to protect our selves in the future.

Best Regards,
Kranti K K Parisa



On Thu, Jan 21, 2010 at 9:54 PM, Leon Rosenberg <
rosenberg.l...@googlemail.com> wrote:

> Hello Kranti,
>
> first of all I strongly believe in open source software and don't like
> to obfuscate things. But well.
>
> 1. If you have internet connectivity on the target server you could
> only deploy a skeleton of your application and load the
> protect-worthly classes
> directly from your servers with own classloading with some funny
> remoteid exchange system. This way even the compile version of the
> application will never be directly available on customers hard drive
> (you must consider swapping and memory snapshots, but modern OSes
> encode them). It's cheap but will probably add a load of complexity,
> which you have to manage and, logically, your customer have to pay.
>
> 2. precompile jsps and use a code obfuscator on the jsps and compiled
> classes (they replace all private methods and variables with a1,a2,
> and so on). There are some on the market, more or less good. Use also
> css/js minifier, they obfuscate as well.
>
> 3. create a genial encryption algorithm with some one-time passwords
> and let the customers call you each time they restart the server for a
> new password. Maybe charge them per password. The server can then
> decrypt the classes with the password before it starts the webapp.
>
> 4. put the code and tomcat onto a usb stick with unreadable filesystem
> and hack yourself into the usb protocol. Drawback: you'll have to
> patch the browsers to accept urls like usb://localhost/yourapp.
>
> 5. stop wasting your time and invest it into developing new features
> and actually selling your product. If its worth copying it will be
> copied this way or other. So far no one has managed to protect its
> software against copying, better concentrate on things you really CAN
> achieve.
>
> regards
> Leon
>
> 2010/1/21 Kranti™ K K Parisa <kranti.par...@gmail.com>:
> > Well there are soo many comments on the cost of IP and other tools. when
> we
> > are a small team started working on a web based product with open source
> > tools, for sure we can't spend too much on the tools to protect the IP
> > rights. because once we deploy for few clients, if its a good product,
> what
> > if they steal the code and also ideas. i agree to have legal terms and
> all
> > that stuff. but that would be a big story for us being small.
> >
> > so just wanted to see if anything available to protect our work, ideas
> > (ideas at code implementation level by using different opensource
> > technologies, well there are many companies who started like this).
> >
> > anyways thanks for the comments, i would love to share if we invent
> anything
> > in this process, because small is big and it matters :)
> >
> > Best Regards,
> > Kranti K K Parisa
> >
> >
> >
> > On Thu, Jan 21, 2010 at 5:00 PM, André Warnier <a...@ice-sa.com> wrote:
> >
> >> Peter Crowther wrote:
> >>
> >>> 2010/1/21 Kranti™ K K Parisa <kranti.par...@gmail.com>
> >>>
> >>>
> >>>> How could we achieve this without the above tool? Because the pricing
> of
> >>>> the
> >>>> above tool is very costly.
> >>>>
> >>>> Well, you could always spend the developer-years to create your own
> >>>> version
> >>>>
> >>> of that tool... which would probably be *more* costly.
> >>>
> >>
> >>
> >> I'll add something to that, just for the sake of it.
> >> I personally find this situation ironic : here we have someone who wants
> to
> >> protect their own code, presumably so that they can charge the customer
> for
> >> a copy of it, in order to get back their cost of development and some
> >> justified profit for their work.
> >> But the same people are apparently unwilling to pay for a product that
> >> would allow them to do so, and is sold on the same terms.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>
> >>
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>

Reply via email to