David Emery Online

Hi there, I’m David. This is my website. I work in music for Apple. You can find out a bit more about me here. On occasion I’ve been known to write a thing or two. Please drop me a line and say hello. Views mine not my employers.

Signup to receive the latest articles from de-online in your inbox:

Think, Think, Think

28 February 2006

A tricky little problem for you all to ponder over:

How do you prevent piracy in something you give away all the source code to?

For example, say you’re selling a web app. It’s not a hosted service – people run it on their own servers – it’s written in php, and it costs money. You can’t just put in a serial number check like you would in a desktop app, as any enterprising hacker would just remove it from the code!

One option would be to do what Mint does (according to these notes from the Carson Future of web apps summit ) – have no protection, and guilt trip people into not pirating.

Guilt as a method will only work for so long, I think, and simply doesn’t scale in the long run (if it even works at all).

Another possible option would be to have some form of remote licensing, with the app phoning home to a licensing server (possibly with a check sum of the app?) in order to run. To prevent the hackers just commenting this code out, the licensing server could contain part of the app, so any attempt at hacking would render the app unusable. This idea seems nasty though.

So, any ideas?

UPDATE: This post by Shaun Inman is also very interesting – he suggests a Firefox extension to check for pirated installs, but again I think this is any idea that just doesn’t scale.

From: Articles

28 February 2006