lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]


On Tue, Sep 17, 2013 at 12:59:57PM -0500, Andrew Starks wrote:
> On Tue, Sep 17, 2013 at 8:18 AM, Fabien <fleutot+lua@gmail.com> wrote:
> > ). In most situations, nobody would want to read your sources if you gave
> > them for free; they won't bother studying a decompiled version thereof.
> 
> This is such an important point.
> 
> Quick story: I was having dinner with a pointy-haired boss (but also
> awesome guy) from another company. I made that point by saying, "If I
> wanted to sandbag my competitor for the next 12 months, I'd send them
> our source code." I went on to explain that in the time a team
> understands, and can separate value from legacy from mistake, another
> company's source, they'll be looking at an historical artifact.
> 
> Unfortunately, that dinner was also attended by one of our developers.
> He didn't appreciate that part of the evening. Lesson learned on my
> part, as I had inadvertently called his baby ugly, even though that
> was not at all my intent.
> 

If I actually believed people would steal my code, I'd do three things:

1) Register the code with the US Copyright Office before releasing, so that
I could sue for damages--including fat statutory damages--instead of just an
injunction. It's cheap ($35) and easy (all online) and only needs to happen
once for the base code, not for each release or addition. And even people
outside the United States can can register, because as far as copyright is
concerned foreign citizens have the same access to US courts, particularly
when infringement occurs in the US.

2) Insert markers in the code to make sure I could easily prove copying,
like an extra space in a protocol response, etc.

3) Make it relatively easy to copy, because I'm out to make money and
generally be productive, not learn the intricacies of code obfuscation,
which only takes time away from working on real projects.

Now, these things don't help stopping individual infringers. But individuals
with the skills to steal are few and far between, anyhow, and don't have
assets. And they weren't going to pay anyhow.

People who try to monetize on your code, OTOH, have assets. They're also
easier to catch because you can just examine the products that they release.