Why go proprietary?

johnpoz

What's gained from the "obscurity"?

Here is my take, just a fan of pfsense/netgate - I have no special insight into any of their workings..

Lets put it this way... If you make special sauce for the burger you make, and this special sauce is the bomb, it really makes the burger..

Now another burger joint opens up the street.. And they make a "special" sauce as well for theirs.. Maybe because they pulled the recipe for the special sauce from the posting on facebook? the company did when when first starting..

As you tweak this special sauce and make it even better special sauce version 2.0 let say, do you continue post your recipe changes on facebook.. Or maybe you get tired of this down the street burger joint.. So you decide to no longer post updates to your special sauce on facebook ;)

bmeeks

There is a simple and very blunt answer --

Because unethical competitors will "steal" your intellectual property and sell it online undercutting you in price. And they will do this all over the world, concentrating their operations in countries that have very lax (or many times non-existent) copyright laws and means for prosecuting violations of same.

New features or improvements you make to your code that perhaps you have invested months of labor into creating and testing, the competitor incorporates into his code version in 5 minutes via a copy-paste operation from GitHub.

Keeping some or all of your source code proprietary helps combat this.

NollipfSense

Interesting conversations, indeed.

Gertjan

Hamburger sauce

I'll throw this one in When Kindness Backfires - The Tragic Tale Of Sun Microsystems as I saw it yesterday.
Because the question was always intriguing me.
I've worked with the so called "Pizzaboxes" from SUN (sparcstation ?) as they ware known in Holland, many years ago (1988 ?). A non proprietary TCP based network. A non proprietary network file system, a massive graphical interface, mouse based and all, which showed the basis for everybody else (they themselves borrowed it from Alto Palo I guess)

Although the video gives the impression that "they gave it all away", I do remember that there was a 4 digit price tag per unit, and no cents here - the 50 kg CRT non included.
And yes, they created and gave away Java.

Everything disappeared into Oracle for 7B$, and then .... nothing.

johnpoz

@gertjan said in Why go proprietary?:

sparcstation

Haha - dude your dating yourself ;) Haven't heard sparcstation in years and years.. Oh those were the days ;)

JKnott

@johnpoz

They had a Motorola 68000 CPU, IIRC.

Back in 95/96, when I was taking a Novell Netware CNA course, there was one of those in the classroom.

I used to work on VAX 11/780 computers, which were connected with DECNet over 10base5 "thicknet".

JKnott

@gertjan said in Why go proprietary?:

And yes, they created and gave away Java.

They did a lot of things. For example, they really pushed IP/Ethernet networks and IIRC, that came built in with Sun computers. They also bought StarOffice, turned it into OpenOffice and created the open document format for it. Unfortunately, Oracle tried to bring everything back in and, as a result, LibreOffice was forked off.

Cool_Corona

@gertjan

You need to get up to speed....

The most obvious way to ‘crack’ SSL doesn’t really involve cracking anything. Why waste time and money on cryptanalysis when you can just steal the keys? This issue is of particular concern in servers configured for the TLS RSA handshake, where a single 128-byte server key is all you need to decrypt every past and future connection made from the device.

In fact, this technique is so obvious that it’s hard to imagine NSA spending a lot of resources on sophisticated cryptanalytic attacks. We know that GCHQ and NSA are perfectly comfortable suborning even US providers overseas. And inside our borders, they’ve demonstrated a willingness to obtain TLS/SSL keys using subpoena powers and gag orders. If you’re using an RSA connection to a major website, it may be sensible to assume the key is already known.

Of course, even where NSA doesn’t resort to direct measures, there’s always the possibility of obtaining keys via a remote software exploit. The beauty is that these attacks don’t even require remote code execution. Given the right vulnerability, it may simply require a handful of malformed SSL requests to map the full contents of the OpenSSL/SChannel heap.

And its just the beginning....

Gertjan

@jknott

sed \openoffice\mysql\$$_\
.... and mariadb was forked off.

Dobby_

@somethig
Many others will do it in the same way, or am I wrong with that?

RouterOS
Untangle
ClearOS
Endian
Sophos