[Newbies] Squeak in commercial projects

Jens Pall jens at axonspace.com
Tue Mar 6 20:10:00 UTC 2007


Ron Teitelbaum wrote:
> Hi JP,
> 
> This is not an easy question.  There are a number of things that you need to
> consider.  First you need to decide how secure the update needs to be.  If
> you are not worried about security then you have a much easier job and many
> more options.  In general Squeak is not secure, but it is also not less
> secure then many other tools that are sent to end users.
> 
> So first answer some questions.
> 
> Is your system likely to be used by people that are interested in cracking
> the system?

Some of the end-users might try this but most of them will not. They 
just want a system that works and does its job. We are working with 
partners who are distributing our software and I know that some of them 
will try to open up the software, modify it and, in some cases, try to 
sell it as their own if it is easy to get at the source. If the source 
is not available and it is a bit hard to get access to the developing 
interface then I believe this risk is greatly reduced.

> Does your system have access to network facilities that attach to other
> installations of your system?

Yes. This is a distributed networked application. It lives and breathes 
on the network.

> Are you concerned that someone might try to build a patch and upload that
> code to your system installations?  (i.e. spyware, worms, viruses)

Well, not really. Our installations mainly run on private WAN networks 
owned by the customer but you never know what malicious internal users 
might do. We plan on being able to run this over the Internet where this 
is a major concern but will try to limit it by using secure network 
connections.

> Are you trying to prevent users from using features of your system without
> authorization?  (i.e. Try before you buy?)

Yes. We must be able to issue licenses for using features of the system.

> There are no easy answers but I do believe it is a very interesting
> discussion.

It indeed is and one that needs to be addressed if Squeak is to be 
seriously considered as a commercial vehicle. It has huge potential in 
that area if the proper hooks are in place.

As a side note I might mention that our current system is implemented in 
C++ and, if it turns out to be possible with respect to the topic of 
this thread, we are seriously considering porting it to Squeak. Croquet 
will also play a major role as the monitoring / management tool.

> Ron Teitelbaum
> President / Principal Software Engineer
> US Medical Record Specialists
> www.usmedrec.com 
> Squeak Cryptography Team Leader
> 
> 
>> -----Original Message-----
>> From: beginners-bounces at lists.squeakfoundation.org [mailto:beginners-
>> bounces at lists.squeakfoundation.org] On Behalf Of Jens Pall
>> Sent: Tuesday, March 06, 2007 2:09 AM
>> To: Squeak Beginners
>> Subject: [Newbies] Squeak in commercial projects
>>
>> Hi
>>
>> How can I use Squeak in a commercial closed source project (whole image)?
>>
>> How about upgrades? I want to be able to send an upgrade to the customer
>> which only contains the changed code.
>>
>> Thanks,
>> JP




More information about the Beginners mailing list