Password protection in non-commercial 6.0.1

Wed May 1 22:23:49 EDT 2013

On Wed, May 1, 2013 at 4:10 PM, Fabian Rodriguez
<magicfab at member.fsf.org> wrote:
>
> On 2013-05-01 18:14, J. Landman Gay wrote:
>> Security can't be in the community version. If it was, it would be
>> worthless; anyone could read the algorithm and use it to unlock
>> protected stacks made with the commercial version. Code protection
>> would be broken everywhere.
>
> It could be, but perhaps RunRev hasn't figured out a business model to
> make that viable yet.

No; this is incorrect.  It isn't a business model, but a programming model.

To put this ability in the community version would put the ability to
decrypt *every* livecode file out there in everyone's hands.  To be
able to execute the stack, the engine has to be able to decrypt, and
has to have the key.  The source to that section has the key.

"Angry" would not begin to describe my reaction under such
circumstances.  I would be sitting down with my partners to make a
decision whether to sue on my behalf for the time that I put in, or
whether to find another plaintiff for the class action on behalf of
all developers, or even possibly both.

Again, the simple version is that if the encryption/password code is
released, my work can be read by anyone.  This is *not* what I
contracted for when I payed for the full developer version.  I'm not
even flinching at the $1k/year.

> Mind you, anyone could implement another similar or better protection.
> What would be its purpose? Every single non-free "software protection"
> mechanism can be broken, given enough motivation (or boredom).

If someone put in similar or better protection, and released the code
to do it, they would have released the code to beat it.  And if,
somehow, they programmed around *that*, there is still the matter that
the GPL would require him to release this code (which is the nature of
"viral" licenses such as the GPL, as opposed to "public" license such
as BSD--and this is why viral license are used as part of such
"special rights" licenses.

> Keep in mind the current protection in LiveCode is just an
> implementaiton of DRM, or revenue protection,

That's not what is normally meant by "DRM".  RunRev protecting this
version is no different than any other software publisher (including
myself) expecting to be paid.

> under a model that is
> the opposite of what free open source software proposes.

In Stallman's universe, in which copyright is an evil, perhaps.

For those of us that write software to sell, however, it's another story.

Making an open source version is a business decision.  It has nothing
into buying into any ideology or worldview; it's about the bottom
line.

And, quite frankly, if RunRev started making noises about releasing
that code, I'd be in court for an injunction stopping them before they
could . . .

-- 
Dr. Richard E. Hawkins, Esq.
(702) 508-8462