|
Agree on point of requirement.
Cost can be calculated on the effort.
Effort can be calculated once the requirement are freezed.
Happy Coding... 
|
|
|
|
|
About to hire my first programmer. Using Visual Studio 2913 with code checked into Visual Studio Online' which uses TFS (Team Foundation Services)
I want to protect my code from being 'ripped off'
How should I protect my code?
(I hope I am posting this in the correct place)
Thanks for any help
|
|
|
|
|
Simple; you can't. Find people you can trust.
Practical example; say I write a Memento-pattern for one of your applications, to provide Undo/Redo functionality. There's nothing stopping me from coding the same pattern in my own application. That is not a "ripp off", it is merely doing the same thing again, but in a different application.
'nother example; someone wrote a copy-protection scheme, and it needs maintenance. How could I perform maintenance, without seeing the code? Once it is seen, it can be reproduced.
Bastard Programmer from Hell 
If you can't read my code, try converting it here[^]
|
|
|
|
|
Thank you for your reply,
I understand what you are saying. I am more worried about how to keep someone from stealing the entire application code for themselves.
How do I protect myself from this?
|
|
|
|
|
If you paid them for the work, then the ownership of the codebase is legally yours. You'd have copyright.
You could break up your application into modules, and mak sure that some of the writers have no knowledge of the other modules - but that creates more risk (what if all people with knowledge of module A are sick?) than it actually adds.
See, all the modules would come together in a setup-package. The person who goes to the client and installs the stuff might just as easily copy the entire product.
Most shops that I know of don't even think about their employees as potential liabilities. I'd be looking for work elsewhere right away.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Actually, it depends on the terms of the employment contract and the jurisdiction.
If the person is a contractor, then unless explicitly stated in the contract, they may retain copyright and IP ownership and you can only use the code for the purpose stated in the contract.
|
|
|
|
|
He was referring to employees, not contractors
If you give someone else the assignment (someone who is not working for you), then you need additional agreements, regardless of whether it is a contractor or another company.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
You cannot hide the source code from the programmer. At any cost, at any circumstances programmer would be able to re-write the code of your application, just even if he knows what your application is doing; if that is his intent.
Since you're running the business and before hiring the programmer you should have full control over which person you are going to make a business relation with. You should first of all write your policy and other terms, that he must accept before he starts the job.
In those terms you can indicate what-so-ever you want to abide him by. But still that doesn't give a 100% guarantee that programmer would always ensure the terms being applied on him. In these cases you are always allowed to use legal jurisdiction to fight for your right (if there are some).
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
You could always have the programmer sign a non-disclosure/non-compete agreement.
"I've seen more information on a frickin' sticky note!" - Dave Kreskowiak
|
|
|
|
|
Two steps on top of my mind:
1. Keeping core algorithms and code to yourself, with others just getting a dll to link to.
2. Making sure that the licensing algorithm and code is with you alone. You alone should hold the license generator.
|
|
|
|
|
1. You could make them partners in your company. Then they'd be stealing from themselves.
2. Give them profit sharing so that the more money the code makes the more money they make then they have no reason to steal it.
3. Pay them so handomely it would be more work to steal the code than to sit back and rake in the money you are paying them.
|
|
|
|
|
THE ONLY BEST WAY IS TO FIND SOMEONE OR A PROGRAMMER YOU REALLY TRUST OR MAKE HIM OR HER A SHAREHOLDER IN YOUR BUSINESS.
|
|
|
|
|
Just a gentle reminder that all-capitals is considered to be "shouting" on the internet, and rude. Best to use sentence-case when posting.
|
|
|
|
|
Is everything okay with your code and your employees now? I am about to do the same thing, I am not really good at these things. I proposed a term in the contract to prevent him from copying the code. Is this enough? Could you share what you have done? Thanks in advance 
|
|
|
|
|
There are plenty of software's that can help you keep your data secured. Google them !
|
|
|
|
|
In computer science, method of maintaining proof of authorship (PoA) in code is done in the style of one of two approaches. The chosen approach is either A) a tangible, or B) an un-tangible.
Tangible PoA methods are usually either literally simple like writing your name, username, ID number, into the code. This does work to some extent but can be removed, even if the thief doesnt remove the string, you must be able to show PoA of this string. So, make sure the string you use is verifiable to you as the string has to be able to show by verifification that you have PoA of the string (tag/ID number/email address etc.). Using this method, you could include a ciphertext string in the code if the plaintext had been encrypted using your public key. If the plaintext consisted of 'mr.xx wrote this code and owns all including intellectual rights to this code' for example, before insertion of the ciphertext string into the code, remember that the encryption key for this string must be one which your private key can decrypt. This therefore stamps the code with an easily provable PoA element, so if the code pops up somewhere else, you could demonstrate your explicit and exclusive PoA of the code.
Another useful tangible approach method is adding 'red herrings' into the codebase. A red herring in this context is anything in the code that is nonsensical and usually syntactically invalid.
If you added a few letters at random to the end of randomly-selected and randomly-ordered code lines it could be used an PoA as only you could explain it (showing your valid PoA); nowadays you could even include an encrypted statement of ownership and timestamp ciphertext that can only be decrypted by using your private key, then build a pseudorandom ciphertext-bit distribution process. The reverse of the distribution algorithm will collect and reconstruct the original ciphertext. You could then decrypt this ciphertext and show those who are concerned that you have PoA over the code.
Whereas an intangible method would likely be computerised; one example is, the use of compartmentalisation to keep code secret from those who didnt code it. This can be done by writing chunks of code in various containers, such as;
a written in javascript in a HTML setting. or
a Python script batch that is called upon by the C++ applicationcodebase or even just host the secured script on sister server and code the applications interaction with the code via APIs like you would in most applications.
Hope this helps
|
|
|
|
|
This is a tricky one and it depends on the size of the code base you are trying to protect.
Here are a couple of things you can try.
1. If the code represents a platform, and if the team is large enough you can segment the codebase into multiple repositories and then segment access to them e.g. repositories for the presentation tier (gui interfaces) and repos for services so no one in the team has access to the full set of code.
2. You can achieve similar things to the above by having "core" code e.g base and common classes which are compiled and provided as compiled assemblies to the rest of the team. This way they never work with the deep internals of the system.
3. If you are working with applications you can look into locking them down with code signing certificates. This not prevent the source code but it will prevent the team from taking the code and repackaging it for sale as they won't have the certificates.
4. If you are really paranoid, consider getting all developers to remote into a terminal services environment (or similar) for development, this prevents the ability for the developer to copy large number of coding files off the development environment.
Hope this helps a little.
|
|
|
|
|
|
The first thing you will need is a well prepared business plan. No one is going to invest in a company unless they can see some profits coming back to them. As for projects, you need to find customers that need the skills you are offering. Take a look at some of the articles at http://www.codeproject.com/KB/work/[^], for further suggestions.
|
|
|
|
|
Hello, friends. I'm IT entrepreneur from Moscow with web development and linux skills. And now I starting IT outsourcing with my small team.
I have got two projects for it:
1. outsourcing web development
2. remote linux administration
So, may be you can give me some advices about it? What you want to see in outsourcing company? If you will hire remote people, how you will find them? freelance sites, google, forums, something else? Can you know another websites full of IT people, where I can talk about it as well?
May be you are an outsourcer? Can you write your success story? What you did on start?
Thank you.
|
|
|
|
|
Hi, I'm not an IT expert so I would be the wrong person to give you any technical advice, but I do have a beauty shop and have successfully created an online business
Currently I am selling around 40% of my products online and that number is increasing month by month. I wasn't always successful with my webshop though, I failed quite badly on my first try. At first I had problems with my webhost, didn't really have a very good website and didn't rank very high on search engines so my shop just wasn't generating enough visitors. So after about one year I decided to take my online shop down and give it a completely new try.
The second attempt worked much better. Looking back, one of the simplest but most important factors was that I did an extrensive keyword research and managed to register a domain name on here that exactly matched one of the most frequent search terms for my product line. Another factor that was really important on being successful online is knowing your audience. I decided to contact my loyal regular customers, told them about my project building an online shop and asked them what they would like to see included in it. What I found is that I had to keep the shop and the website design neat, simple and easy to navigate. I also only included around 10% of my most popular products in the store into the webshop in order to keep it simple and managable.
I'm aware that you are working in a very different field, but maybe you will find some of my experience useful. As for getting found in search engines, I would suggest you to focus on a maximum of 5 or 6 frequently used search terms in your field and try getting a matching domain name beacuse they tend to rank almost automatically on search engines.
Also being stationed in Moscow it would be better to focus on the Russian market since from my experience most clients like to hire a local company. And since Moscow is a huge city with over 12 million inhabitants, you have a huge potential customer base in Moscow alone.
Hope you find some of the advice useful, eventhough I can't give you any IT and web dev specific advice
|
|
|
|
|
I am a developer, i have observed that there are no good or big software projects like a high traffic ecommerce project in freelance websites like Odesk, elance etc. Most of the projects are
Not serious,
Fake,
Low budgeted etc.
There are few good projects.
In software companies you can find serious projects, compared with freelance projects. What is the reason?
Some project managers said one reason is
It is because for Big projects needs to work in teams, So it can't be given to individuals and also communication problems etc.
Thanks
|
|
|
|
|
I don't think there are very capable people on those sites. Most of the projects I was passing on due to my own work-loads were big projects and never completed because of the lack of professional experience by the applicant.
And two, I think most people who use those sites looking for work, are also not as professional as they so astute make themselves look. To me, it is a site for those who want to make a quick buck by doing a half-ass job.
A professional job posting system would and should test your authenticity of your qualifications before allowing you to apply to job positions. There are many job postings offering good pay for professional contractors.
Regards,
CodingK
|
|
|
|
|
I have had mixed results (as a vendor) using services from companies like Elance, and I agree with your assessment here.
Elance, specifically, was purchased by Upwork not too long ago, and I see that Upwork introduces features for testing and validating the authenticity of freelancers' qualifications. Do you see this as a step in the right direction?
Do you think it will have a measurable impact on the quality of freelancers (and/or vendor experience) using this platform?
|
|
|
|
|
pandu web dev wrote: Some project managers said one reason is
It is because for Big projects needs to work in teams, So it can't be given to individuals and also communication problems etc.
It is a fact that many business projects fail either partially or completely. Many studies demonstrate this. And I suspect that many of those failures are attributed to project management failures.
Thus a project manager probably isn't the best source to evaluate why a broad category of projects fail.
Below is one stat for Apache server, which is a public domain and open source server. From it 60% usage from the top (usage) 10 million web sites in the world. How do those "project managers" explain that success? (There are a vast number of addons for apache.) There are many more examples of this.
http://w3techs.com/technologies/details/ws-apache/all/all[^]
pandu web dev wrote: said one reason is
One reason individual projects fail is just due to lack of interest when there are very few participants. An initial project needs several dedicated enthusiasts who spend years actively supporting a project until many people start using it. If the first doesn't happen then the second wont.
I am not going to research it in detail but I know for a fact that there used to be a free shopping cart system written in perl. There might be something now in a different language. You can try googling for that.
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
