RE: RE: OT: Securing Code ( was "Download Code")
Good place to start reading: http://www.nolo.com/ best, paul At 02:44 PM 8/30/00 -0400, you wrote: >it's probably in your best interest to consult a lawyer if this is of any >importance more than curiosity. if that's it, however, search for >"intellectual property" and read read read. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: RE: OT: Securing Code ( was "Download Code")
it's probably in your best interest to consult a lawyer if this is of any importance more than curiosity. if that's it, however, search for "intellectual property" and read read read. Chris Olive, DOEHRS Website Administrator -Original Message- From: Steve Bernard [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 30, 2000 1:42 PM To: [EMAIL PROTECTED] Subject: RE: RE: OT: Securing Code ( was "Download Code") Do you have links or other references for this? I'm interested in learning more. Thanks, Steve -Original Message- From: Olive, Christopher M Mr NMR [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 30, 2000 12:03 PM To: '[EMAIL PROTECTED]' Subject: RE: RE: OT: Securing Code ( was "Download Code") actually, that's incorrect. if there is no IP verbiage in the contract, and the work is not "for hire" (W2 employees), the IP remains with the contractor that created the software, not the company for which the software was contractually created. Chris Olive, DOEHRS Website Administrator -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: RE: OT: Securing Code ( was "Download Code")
Do you have links or other references for this? I'm interested in learning more. Thanks, Steve -Original Message- From: Olive, Christopher M Mr NMR [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 30, 2000 12:03 PM To: '[EMAIL PROTECTED]' Subject: RE: RE: OT: Securing Code ( was "Download Code") actually, that's incorrect. if there is no IP verbiage in the contract, and the work is not "for hire" (W2 employees), the IP remains with the contractor that created the software, not the company for which the software was contractually created. Chris Olive, DOEHRS Website Administrator -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: RE: OT: Securing Code ( was "Download Code")
actually, that's incorrect. if there is no IP verbiage in the contract, and the work is not "for hire" (W2 employees), the IP remains with the contractor that created the software, not the company for which the software was contractually created. Chris Olive, DOEHRS Website Administrator -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 30, 2000 10:23 AM To: [EMAIL PROTECTED] Subject: Re:RE: OT: Securing Code ( was "Download Code") I'm no expert in matters of intellectual property, but I have worked in a parallel field. You can check with a lawyer, but in general, the person/company/organization that has asked and paid for software development owns the code (and can do with it what they might without consulting/including any developer) unless there is specific language in your contract to the contrary. Anyone who is contracting programming/development services is wise if they have their contract reviewed to cover them in cases where there might be future financial gain. Do a web search on "intellectual property rights" and I think you will find it very interesting. Also note, some employers will not sign a contract that covers you - so be aware. Employers like contracts that protect them and say something to the effect that you/developers can't develop a similar application for x number of years. Carol L. Bluestein Senior Programmer NYS Office of Real Property 518-486-6335 [EMAIL PROTECTED] Reply Separator____ Subject: RE: OT: Securing Code ( was "Download Code") Author: [EMAIL PROTECTED] Date: 8/30/00 7:14 AM You can actually un-encrypt CF code after it has been encrypted. I'm not sure if Allaire has rectified this issue yet. Peter Tilbrook Internet Applications Developer Aspect Computing Pty. Ltd. 19-25 Moore Street Turner, ACT, 2612 AUSTRALIA http://www.aspect.com.au Phone: (02) 6247 7677 Fax: (02) 6249 1620 Mobile: 0428 765 020 ACT ColdFusion Users Group - http://203.37.24.198 -Original Message- From: Chad [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 30 August 2000 7:24 To: [EMAIL PROTECTED] Subject: Re: OT: Securing Code ( was "Download Code") Why not just cfcrypt it. Even if they do find a backdoor into the server the code will be useless to them. The program is located normally in C:\CFUSION\BIN At 02:00 PM 8/29/00 -0400, you wrote: >Here is my situation in more detail, and I know I'm not alone. I saw a >thread similar to this topic dealing from a legal stand point. early >this year. > >I was sub-contracted by a consulting company to write a test web app for >one specific client of theirs. The program is custom written for that >specific client and parts would have to be rewritten to work into a >general setting. > >Over the course of development they have really begun to see potential >in the project and are seeing dollar signs. It was mentioned in the >consulting firms big meeting that they were thinking of downloading the >CF code and even the databases, repackage/rewrite it into a marketable >fashion and resell it. > >My concern is, how secure is the ColdFusion code and database structure >from downloading? I would like any information on the legal rights of >the different parties -- programmer, consultant, client, someone who >downloads it. I realise you all aren't lawyers, but any info or opinions >would help. > >Kelly Olson > > >--- --- >Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ >To Unsubscribe visit >http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or >send a message to [EMAIL PROTECTED] with 'unsubscribe' in >the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -
Re:RE: OT: Securing Code ( was "Download Code")
I'm no expert in matters of intellectual property, but I have worked in a parallel field. You can check with a lawyer, but in general, the person/company/organization that has asked and paid for software development owns the code (and can do with it what they might without consulting/including any developer) unless there is specific language in your contract to the contrary. Anyone who is contracting programming/development services is wise if they have their contract reviewed to cover them in cases where there might be future financial gain. Do a web search on "intellectual property rights" and I think you will find it very interesting. Also note, some employers will not sign a contract that covers you - so be aware. Employers like contracts that protect them and say something to the effect that you/developers can't develop a similar application for x number of years. Carol L. Bluestein Senior Programmer NYS Office of Real Property 518-486-6335 [EMAIL PROTECTED] Reply Separator Subject:RE: OT: Securing Code ( was "Download Code") Author: [EMAIL PROTECTED] Date: 8/30/00 7:14 AM You can actually un-encrypt CF code after it has been encrypted. I'm not sure if Allaire has rectified this issue yet. Peter Tilbrook Internet Applications Developer Aspect Computing Pty. Ltd. 19-25 Moore Street Turner, ACT, 2612 AUSTRALIA http://www.aspect.com.au Phone: (02) 6247 7677 Fax: (02) 6249 1620 Mobile: 0428 765 020 ACT ColdFusion Users Group - http://203.37.24.198 -Original Message- From: Chad [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 30 August 2000 7:24 To: [EMAIL PROTECTED] Subject: Re: OT: Securing Code ( was "Download Code") Why not just cfcrypt it. Even if they do find a backdoor into the server the code will be useless to them. The program is located normally in C:\CFUSION\BIN At 02:00 PM 8/29/00 -0400, you wrote: >Here is my situation in more detail, and I know I'm not alone. I saw a >thread similar to this topic dealing from a legal stand point. early >this year. > >I was sub-contracted by a consulting company to write a test web app for >one specific client of theirs. The program is custom written for that >specific client and parts would have to be rewritten to work into a >general setting. > >Over the course of development they have really begun to see potential >in the project and are seeing dollar signs. It was mentioned in the >consulting firms big meeting that they were thinking of downloading the >CF code and even the databases, repackage/rewrite it into a marketable >fashion and resell it. > >My concern is, how secure is the ColdFusion code and database structure >from downloading? I would like any information on the legal rights of >the different parties -- programmer, consultant, client, someone who >downloads it. I realise you all aren't lawyers, but any info or opinions >would help. > >Kelly Olson > > >--- --- >Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ >To Unsubscribe visit >http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or >send a message to [EMAIL PROTECTED] with 'unsubscribe' in >the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: OT: Securing Code ( was "Download Code")
It boils down to a couple of things: 1) Do they have access to the source? 2) Are you under contractual obligation to give them source? If either answer is, "yes", then I'd finish the project, get paid, and chalk this one up to experience. If both answers are, "no", you may be able to keep exclusive rights to the source. It's a very sticky situation but it happens all the time. You probably wrote the app with the intent that it would be implemented only by the contracting entity and that you may be brought in for maintenance, support, etc. You probably priced the job based on this presumed usage and the assumption that you would still have control of the source. You probably didn't expect the consultant to turn around and try to create a resale product based on your work without any compensation or credit. If you knew the work would have 2 million users or that it would be repackaged and sold, you would have asked for more money or to be brought on as the lead developer at the company. Strictly speaking, the consultancy is more than likely within the letter of the law. Morally/Ethically I would say that you are in the right. If you create something with immediate value then you should be duly compensated. This shows I'm not a real businessman because if I were I'd be thinking, "Hey, I got a great deal on this app because the developer was naive and now I can make a lot of money reselling it. Check out my ROI!" As for the various encryption/obfuscation techniques that have been discussed, they're all moot if you have to turn over the source. If source is NOT required you can encrypt the source files using cfcrypt and disallow any access to the plain text versions. As has been mentioned, it is rather trivial to decrypt files that have been encrypted using cfcrypt, by using cfdecrypt :) If you do encrypt the files, which I would do on the production code anyway, I would include in each file a blurb stating something like, "Decryption is not allowed and constitutes a violation blah, blah, blah. Copyright ME 2000." This is not a binding agreement but, if you catch someone using your previously encrypted code you'll have more of a leg to stand on. A last resort, assuming the consultancy can use the code but doesn't exclusively own it, is to make the app OSS (Open Source Software) so that anyone can d/l it for free with the source. What this really accomplishes, besides public edification, is to prevent the consultancy from making the code proprietary to them. Right now it's proprietary to you :) Once the source is out there's nothing to stop anyone from repackaging it and selling it in a compiled or encrypted format as their own. [NOTE] I support the idea of OSS. I mention it as a "last resort" in the context of "methods to prevent someone else from using your source in a proprietary way". Once the source is out there's nothing to stop anyone from repackaging it and selling it in a compiled or encrypted format as their own but, your open source will allow others to learn, find bugs, improve upon, and possibly create an alternative to the proprietary version being sold by your arch-nemisis ;) Steve P.S. Make sure the server(s) hosting this app are locked down and have the appropriate service packs, hot fixes, and system tweaks in place to prevent someone from viewing the CF source via a web browser, a la the "::DATA" and "+.htr" bugs. Wouldn't ya' feel dumb then? :) At 02:00 PM 8/29/00 -0400, you wrote: >Here is my situation in more detail, and I know I'm not alone. I saw a >thread similar to this topic dealing from a legal stand point. early >this year. > >I was sub-contracted by a consulting company to write a test web app for >one specific client of theirs. The program is custom written for that >specific client and parts would have to be rewritten to work into a >general setting. > >Over the course of development they have really begun to see potential >in the project and are seeing dollar signs. It was mentioned in the >consulting firms big meeting that they were thinking of downloading the >CF code and even the databases, repackage/rewrite it into a marketable >fashion and resell it. > >My concern is, how secure is the ColdFusion code and database structure >from downloading? I would like any information on the legal rights of >the different parties -- programmer, consultant, client, someone who >downloads it. I realise you all aren't lawyers, but any info or opinions >would help. > >Kelly Olson -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: OT: Securing Code ( was "Download Code")
Able Commerce has an interesting approach. Their install requires the installation of a DLL which they then use to decode the templates. This is good since anyone can find cfdecrypt and unravel all our hard work. I would love to figure out how Able does this so I could incorporate it into my apps :) Neil - Original Message - From: "Chad" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, August 29, 2000 5:24 PM Subject: Re: OT: Securing Code ( was "Download Code") > Why not just cfcrypt it. Even if they do find a backdoor into the server > the code will be useless to them. The program is located normally in > C:\CFUSION\BIN > > > > At 02:00 PM 8/29/00 -0400, you wrote: > > >Here is my situation in more detail, and I know I'm not alone. I saw a > >thread similar to this topic dealing from a legal stand point. early > >this year. > > > >I was sub-contracted by a consulting company to write a test web app for > >one specific client of theirs. The program is custom written for that > >specific client and parts would have to be rewritten to work into a > >general setting. > > > >Over the course of development they have really begun to see potential > >in the project and are seeing dollar signs. It was mentioned in the > >consulting firms big meeting that they were thinking of downloading the > >CF code and even the databases, repackage/rewrite it into a marketable > >fashion and resell it. > > > >My concern is, how secure is the ColdFusion code and database structure > >from downloading? I would like any information on the legal rights of > >the different parties -- programmer, consultant, client, someone who > >downloads it. I realise you all aren't lawyers, but any info or opinions > >would help. > > > >Kelly Olson > > > > > >--- --- > >Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ > >To Unsubscribe visit > >http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or > >send a message to [EMAIL PROTECTED] with 'unsubscribe' in > >the body. > > -- > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ > To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. > -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: OT: Securing Code ( was "Download Code")
You can actually un-encrypt CF code after it has been encrypted. I'm not sure if Allaire has rectified this issue yet. Peter Tilbrook Internet Applications Developer Aspect Computing Pty. Ltd. 19-25 Moore Street Turner, ACT, 2612 AUSTRALIA http://www.aspect.com.au Phone: (02) 6247 7677 Fax: (02) 6249 1620 Mobile: 0428 765 020 ACT ColdFusion Users Group - http://203.37.24.198 -Original Message- From: Chad [mailto:[EMAIL PROTECTED]] Sent: Wednesday, 30 August 2000 7:24 To: [EMAIL PROTECTED] Subject: Re: OT: Securing Code ( was "Download Code") Why not just cfcrypt it. Even if they do find a backdoor into the server the code will be useless to them. The program is located normally in C:\CFUSION\BIN At 02:00 PM 8/29/00 -0400, you wrote: >Here is my situation in more detail, and I know I'm not alone. I saw a >thread similar to this topic dealing from a legal stand point. early >this year. > >I was sub-contracted by a consulting company to write a test web app for >one specific client of theirs. The program is custom written for that >specific client and parts would have to be rewritten to work into a >general setting. > >Over the course of development they have really begun to see potential >in the project and are seeing dollar signs. It was mentioned in the >consulting firms big meeting that they were thinking of downloading the >CF code and even the databases, repackage/rewrite it into a marketable >fashion and resell it. > >My concern is, how secure is the ColdFusion code and database structure >from downloading? I would like any information on the legal rights of >the different parties -- programmer, consultant, client, someone who >downloads it. I realise you all aren't lawyers, but any info or opinions >would help. > >Kelly Olson > > >--- --- >Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ >To Unsubscribe visit >http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or >send a message to [EMAIL PROTECTED] with 'unsubscribe' in >the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: OT: Securing Code ( was "Download Code")
Why not just cfcrypt it. Even if they do find a backdoor into the server the code will be useless to them. The program is located normally in C:\CFUSION\BIN At 02:00 PM 8/29/00 -0400, you wrote: >Here is my situation in more detail, and I know I'm not alone. I saw a >thread similar to this topic dealing from a legal stand point. early >this year. > >I was sub-contracted by a consulting company to write a test web app for >one specific client of theirs. The program is custom written for that >specific client and parts would have to be rewritten to work into a >general setting. > >Over the course of development they have really begun to see potential >in the project and are seeing dollar signs. It was mentioned in the >consulting firms big meeting that they were thinking of downloading the >CF code and even the databases, repackage/rewrite it into a marketable >fashion and resell it. > >My concern is, how secure is the ColdFusion code and database structure >from downloading? I would like any information on the legal rights of >the different parties -- programmer, consultant, client, someone who >downloads it. I realise you all aren't lawyers, but any info or opinions >would help. > >Kelly Olson > > >-- >Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ >To Unsubscribe visit >http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or >send a message to [EMAIL PROTECTED] with 'unsubscribe' in >the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: Securing Code ( was "Download Code")
Encrypted server side, with a secured IIS/Apache / NT/Unix machine security is almost a no issue. Security for CF is as good as XYZ app. The "Code" is never exposed except in bugs via the Operating systems. With competent administration who stay on the top of things it is not really an issue at all. It is as secure as any other Server Side HTML PreProcessor. Jeremy Allen [EMAIL PROTECTED] [Insert Quarter] -Original Message- From: Olson, Kelly [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 29, 2000 2:01 PM To: [EMAIL PROTECTED] Subject: OT: Securing Code ( was "Download Code") Here is my situation in more detail, and I know I'm not alone. I saw a thread similar to this topic dealing from a legal stand point. early this year. I was sub-contracted by a consulting company to write a test web app for one specific client of theirs. The program is custom written for that specific client and parts would have to be rewritten to work into a general setting. Over the course of development they have really begun to see potential in the project and are seeing dollar signs. It was mentioned in the consulting firms big meeting that they were thinking of downloading the CF code and even the databases, repackage/rewrite it into a marketable fashion and resell it. My concern is, how secure is the ColdFusion code and database structure from downloading? I would like any information on the legal rights of the different parties -- programmer, consultant, client, someone who downloads it. I realise you all aren't lawyers, but any info or opinions would help. Kelly Olson -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
RE: Securing Code ( was "Download Code")
Here's the problem: How are they going to "download" it? Do they mean, by hitting it with a client and then downloading it? If it's happening that way, you have no worries. Remember, CF only displays parsed HTML code to the client, not raw CF and it self-obscures most of your database calls as the CF is actually handling that, and the CF is translated into HTML. If you mean, ftping in and grabbing the raw files, nothing can save you from that, except encoding the templates themselves. -Jesse -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 29, 2000 2:01 PM To: [EMAIL PROTECTED] Subject: OT: Securing Code ( was "Download Code") Here is my situation in more detail, and I know I'm not alone. I saw a thread similar to this topic dealing from a legal stand point. early this year. I was sub-contracted by a consulting company to write a test web app for one specific client of theirs. The program is custom written for that specific client and parts would have to be rewritten to work into a general setting. Over the course of development they have really begun to see potential in the project and are seeing dollar signs. It was mentioned in the consulting firms big meeting that they were thinking of downloading the CF code and even the databases, repackage/rewrite it into a marketable fashion and resell it. My concern is, how secure is the ColdFusion code and database structure from downloading? I would like any information on the legal rights of the different parties -- programmer, consultant, client, someone who downloads it. I realise you all aren't lawyers, but any info or opinions would help. Kelly Olson -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
OT: Securing Code ( was "Download Code")
Here is my situation in more detail, and I know I'm not alone. I saw a thread similar to this topic dealing from a legal stand point. early this year. I was sub-contracted by a consulting company to write a test web app for one specific client of theirs. The program is custom written for that specific client and parts would have to be rewritten to work into a general setting. Over the course of development they have really begun to see potential in the project and are seeing dollar signs. It was mentioned in the consulting firms big meeting that they were thinking of downloading the CF code and even the databases, repackage/rewrite it into a marketable fashion and resell it. My concern is, how secure is the ColdFusion code and database structure from downloading? I would like any information on the legal rights of the different parties -- programmer, consultant, client, someone who downloads it. I realise you all aren't lawyers, but any info or opinions would help. Kelly Olson -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
Re: Download Code
sure if the patch hasn't been applied to the server you append +.htr (IIS only). and then "view source" i.e.: http://www1.sys-con.com/forums/index.cfm+.htr I'm only using them as an example because they did an article about it an issue or two ago and it still works on their boxes. - Original Message - From: "Olson, Kelly" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, August 29, 2000 1:15 PM Subject: OT: Download Code > > I know that looking a source code in a browser will not display any > ColdFusion programming code. My question is, is it possible to pull > down someone elses code using some other method, other than FTP? > > Is the CF_Encritpion or some other tag a way to defeat this? > > Kelly > > -- > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ > To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body. > -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
OT: Download Code
I know that looking a source code in a browser will not display any ColdFusion programming code. My question is, is it possible to pull down someone elses code using some other method, other than FTP? Is the CF_Encritpion or some other tag a way to defeat this? Kelly -- Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.