[Qgis-developer] Qgis custom buil to read obfuscated data

Mayeul Kauffmann mayeul.kauffmann at free.fr
Thu Sep 15 16:41:01 EDT 2011 

> @Niccolò: good point. Howevere one could write a non GPL piece of code
(the minimum to keep the data undisclosable) and link qgis to it. Is it
forbidden
>  by GPL license? I don't think...
> I think it is.
         
I also believe it might be forbidden by the GPL.
I think there might be a way to reconcile ethics, respect for the GPL
and the client needs.
You would need to obfuscate the source code.
For example, you rename fonctions, classes, filenames etc according to
an encryption mechanism. The encryption is based on a key chosen by the
client.

You need to take care of many things, e.g. if:
qgsapplication.cpp  becomes qslghtygvr15ni189t.cpp
then:
qgsapplication.h  becomes qslghtygvr15ni189t.h
Naming conventions which are understood by the framework should be
respected as well (I do not know qgis's architecture well enough to be
precise here).
In one part of the code, you put your mechanism decoding the data.
You then release the whole thing as GPL.

Obviously, you work on the non-obfuscated code. You need to use or build
a software to obfuscate the code
(http://en.wikipedia.org/wiki/Obfuscated_code says there are open-source
software to do so).

Then, for the ethic part: you also share any improvement you do in
non-obfuscated format (except maybe the data-decoding part). I wonder
though if the major part of the  data-decoding part could be generic
enough to be shared as (non-obfuscated) GPL code. Then other sensitive
projects may reuse it.
Is the whole approach ethical? I really don't know. Still, it would be
funny to receive a dataset with a notice: to read this geotiff, you must
use our version of QuantumGIS, not ArcGIS or Mapinfo! 


EDIT: not sure the approach above is OK, see
http://stackoverflow.com/questions/1086445/obfuscation-and-gpl
However GPL encryption software do exist. Maybe the data provider could
give the data with a key. Of course it makes the system much weaker.
However, the client should be aware that an external compiled piece of
code is not much less easy to crack than it is to change an open source
software.

A final note:
I believe in free software and in free geo data. I contribute to QGIS
and to OpenStreetMap. I've produced some of OSM icons and released them
in public domain.
However, piracy exists and I condemn it; some organizations may
rightfully search ways to protect themselves against unauthorized used
of their data. I prefer companies that share their data, but as long as
you contribute yourself to QGIS in other domains, then you would learn
something from this work and I would say it's better than if they pay
ESRI developers to do the same. 
Still, if you can find another client/boss which is more open source
minded, then I would encourage you to refuse this task. Otherwise, I'll
pray for you soul!

Hope this helps,
Mayeul

> 
> Probably you're right.
http://blog.milkingthegnu.org/2008/04/gpl-for-dummies.html
>  
> 
>         
>         --strk;
>         
>          ()   Free GIS & Flash consultant/developer
>          /\   http://strk.keybit.net/services.html
>         
>         
> _______________________________________________
> Qgis-developer mailing list
> Qgis-developer at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/qgis-developer
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.osgeo.org/pipermail/qgis-developer/attachments/20110915/79868486/attachment.html

More information about the Qgis-developer mailing list