It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Source Code or Software Escrow experts?
page: 13
share:
Anyone here well versed in this?
Would like to understand more about this industry.
Would like to understand more about this industry.
a reply to: Vasa Croe
I'm not sure exactly what you are asking, but source code usually relates to human readable programming directives. This is then compiled down to less readable machine code which directs the chipset to perform certain tasks in sequence.
Because people wanted to reverse engineer their own stuff from existing code that they didn't write, there were 'decompilers' written to turn the machine instructions back into a human readable code.
Of course coders and companies who wanted to retain 'ownership' of their own stuff then began to start using techniques to obfuscate their code by various methods so it still did the same thing, but it did it in a way that made decompilation nearly impossible.
This became more important when companies would publish API's that called proprietary code modules. They could make calls to code not included explicitly in the compiled program, and which a decompiler could only guess at. Then these modules also made reference of even more undocumented libraries and functions and soon it became possible to generate code that no-one else could crack.
... unless they had the keys and knew the tricks!
That is where the escrow part comes in. It is like some third party that has the hidden secrets that can unlock someone's code. The escrow holder may not even know anything about the program that they hold the keys for. They just keep the code a 'trade secret'.
So the original source code holders can change the code at will, as can someone who has the escrow keys and 'knows their stuff'.
I'm not sure exactly what you are asking, but source code usually relates to human readable programming directives. This is then compiled down to less readable machine code which directs the chipset to perform certain tasks in sequence.
Because people wanted to reverse engineer their own stuff from existing code that they didn't write, there were 'decompilers' written to turn the machine instructions back into a human readable code.
Of course coders and companies who wanted to retain 'ownership' of their own stuff then began to start using techniques to obfuscate their code by various methods so it still did the same thing, but it did it in a way that made decompilation nearly impossible.
This became more important when companies would publish API's that called proprietary code modules. They could make calls to code not included explicitly in the compiled program, and which a decompiler could only guess at. Then these modules also made reference of even more undocumented libraries and functions and soon it became possible to generate code that no-one else could crack.
... unless they had the keys and knew the tricks!
That is where the escrow part comes in. It is like some third party that has the hidden secrets that can unlock someone's code. The escrow holder may not even know anything about the program that they hold the keys for. They just keep the code a 'trade secret'.
So the original source code holders can change the code at will, as can someone who has the escrow keys and 'knows their stuff'.
edit on 4/5/2021 by chr0naut because: (no reason given)
a reply to: Vasa Croe
You could scour github and study source code. I've been messing around with pixel dungeon lately making a mod.
github.com...
I've learned a lot.of java lately doing this. I avoided learning java because it pisses me off. So much typing and 'everything, literally everything is a class' is limiting.
You could scour github and study source code. I've been messing around with pixel dungeon lately making a mod.
github.com...
I've learned a lot.of java lately doing this. I avoided learning java because it pisses me off. So much typing and 'everything, literally everything is a class' is limiting.
edit on 4/5/2021 by dug88 because: (no reason given)
Are we talking about some third party holding a copy of your code in such a way that if it goes to court you can prove it?
originally posted by: dug88
… and 'everything, literally everything is a class' is limiting.
Well no. Java primitives are not objects.
the rest is. Hence why Java was hailed as one of the bastions for OOP back in the late 90s.
But Java is quite heavy and not particularly fast.
edit on 5-5-2021 by noonebutme because: (no reason given)
a reply to: Vasa Croe
Are you asking 'what' it is, or are you asking 'why' it is? Both questions are actually quite complicated to answer fully without going into a whole myriad of subjects relating to the concept of "intellectual property" in the legal sense.
I'll leave the technical elements of 'what' it is to others, but I am pretty familiar with 'why' it is and can respond to that in a fair amount of detail.
Briefly, the basic difference is, if someone legally has the rights to the source code they technically own it. As owners they can do what they please with it, including modifying it, or even selling it to someone else. Escrow is different. Escrow is a holding place for the software source code, by a disinterested 3rd party, where neither party has complete title to it. The purpose of an escrow arrangement is to ensure that the purchaser of a software developed specifically for them will have access to it, but only if certain circumstances are met. These circumstances usually involve things like failure to perform, or respond, on behalf of the original developer. An example is probably appropriate here.
Example #1 (source code) - If I pay you to develop for me some piece of software, or process, and I stipulate as part of that agreement that when you successfully complete the development you will turn over all the rights to said source code to me, then I am the owner of that software or process at that point in time. A very simplistic analogy would be, let's say you are an employee to me and your job is to write software code; anything you develop while on my payroll is my property and you have no title to it (intellectually or otherwise). This would be part of your employment agreement. Or, another example would be, let's say you own a small software company and I award you a contract to develop software for me, but what I ask you to develop requires way more resources than you can afford, then I will agree to fund your resources to develop the software in return for you giving me title to it when you're done. Basically, I fund your development costs. These are just a couple very simplistic examples.
Example #2 (Escrow) - If I pay you to develop for me some piece of software, or to customize a piece of your existing software specifically for me, and I stipulate that you must support this software for 'x' period of time (usually a very long period of time), but you are unwilling to give me the source code...because you may want to sell the original software to someone else tomorrow...then we enter into an escrow agreement. That agreement will allow me access to the source code if you fail to support it in some fashion. So, for example, let's say things are bumping along smoothly until one day we discover a bug or some sort of failure in the software which requires fixing. Again, a very simplistic example, but let's say we call you up, but you don't return the call (maybe you've gone out of business, or simply don't like us, or whatever); once we have made every reasonable attempt to notify you without any response or action, then we can take possession of said software and pay a 3rd party to fix it (or do it ourselves). Conversely, escrow also does something else; it prevents you from selling what we paid you to develop to someone else. This is a little harder to wrap your head around. You can sell the base software to anyone, and (in theory) you can sell the part we paid you to develop also (though there are rules here), BUT you cannot change the terms of our original agreement with you in that sale. So, for example, you couldn't sell what you developed for us to one of our competitors who might decide to use that sale as a way to extort money from us, or put us at an unfair competitive disadvantage (there are thousands of examples here).
The subject of Intellectual Property and ownership is a very complex legal area, and people get paid a whole lot of money to understand it, keep it sorted out, and litigate violations of these agreements. It doesn't take a whole lot of imagination to see how complicated this can get if you consider a company like Micro-shaft, who sells an application which runs on their OS, but might make 1,000 changes...per day...to that application for one reason or another. Some of these reasons might be a result of one of our requests, or they might be a result of someone else's request, but now who owns the software? Now, most would answer...obviously Micro-shaft owns the software, and for most of us this might be true, but it's not always. Companies and governments pay companies like Micro-shaft to develop very specific things only for them, and nobody else is allowed to use those features (back door entry points into software is one good example here).
Anyway, that's a 'sort of' brief summary.
Are you asking 'what' it is, or are you asking 'why' it is? Both questions are actually quite complicated to answer fully without going into a whole myriad of subjects relating to the concept of "intellectual property" in the legal sense.
I'll leave the technical elements of 'what' it is to others, but I am pretty familiar with 'why' it is and can respond to that in a fair amount of detail.
Briefly, the basic difference is, if someone legally has the rights to the source code they technically own it. As owners they can do what they please with it, including modifying it, or even selling it to someone else. Escrow is different. Escrow is a holding place for the software source code, by a disinterested 3rd party, where neither party has complete title to it. The purpose of an escrow arrangement is to ensure that the purchaser of a software developed specifically for them will have access to it, but only if certain circumstances are met. These circumstances usually involve things like failure to perform, or respond, on behalf of the original developer. An example is probably appropriate here.
Example #1 (source code) - If I pay you to develop for me some piece of software, or process, and I stipulate as part of that agreement that when you successfully complete the development you will turn over all the rights to said source code to me, then I am the owner of that software or process at that point in time. A very simplistic analogy would be, let's say you are an employee to me and your job is to write software code; anything you develop while on my payroll is my property and you have no title to it (intellectually or otherwise). This would be part of your employment agreement. Or, another example would be, let's say you own a small software company and I award you a contract to develop software for me, but what I ask you to develop requires way more resources than you can afford, then I will agree to fund your resources to develop the software in return for you giving me title to it when you're done. Basically, I fund your development costs. These are just a couple very simplistic examples.
Example #2 (Escrow) - If I pay you to develop for me some piece of software, or to customize a piece of your existing software specifically for me, and I stipulate that you must support this software for 'x' period of time (usually a very long period of time), but you are unwilling to give me the source code...because you may want to sell the original software to someone else tomorrow...then we enter into an escrow agreement. That agreement will allow me access to the source code if you fail to support it in some fashion. So, for example, let's say things are bumping along smoothly until one day we discover a bug or some sort of failure in the software which requires fixing. Again, a very simplistic example, but let's say we call you up, but you don't return the call (maybe you've gone out of business, or simply don't like us, or whatever); once we have made every reasonable attempt to notify you without any response or action, then we can take possession of said software and pay a 3rd party to fix it (or do it ourselves). Conversely, escrow also does something else; it prevents you from selling what we paid you to develop to someone else. This is a little harder to wrap your head around. You can sell the base software to anyone, and (in theory) you can sell the part we paid you to develop also (though there are rules here), BUT you cannot change the terms of our original agreement with you in that sale. So, for example, you couldn't sell what you developed for us to one of our competitors who might decide to use that sale as a way to extort money from us, or put us at an unfair competitive disadvantage (there are thousands of examples here).
The subject of Intellectual Property and ownership is a very complex legal area, and people get paid a whole lot of money to understand it, keep it sorted out, and litigate violations of these agreements. It doesn't take a whole lot of imagination to see how complicated this can get if you consider a company like Micro-shaft, who sells an application which runs on their OS, but might make 1,000 changes...per day...to that application for one reason or another. Some of these reasons might be a result of one of our requests, or they might be a result of someone else's request, but now who owns the software? Now, most would answer...obviously Micro-shaft owns the software, and for most of us this might be true, but it's not always. Companies and governments pay companies like Micro-shaft to develop very specific things only for them, and nobody else is allowed to use those features (back door entry points into software is one good example here).
Anyway, that's a 'sort of' brief summary.
edit on 5/6/2021 by Flyingclaydisk because: (no reason given)
I have seen source code put in escrow before for business agreements or "Memorandum of Understanding" or the like.
This can happen in a startup company setting where one or more client(s) want, essentially, collateral against a software startup going belly up. For software startups, the source code IS the commodity, so this ends up being copied and put in escrow to protect clients from such a worst case scenario. If the startups goes boom, then the clients may be able to salvage their business investment by hiring someone to retrieve the software from escrow and operate/enhance/maintain it.
I have had experience using Iron Mountain as an holder of software in escrow.
One needs to be careful, though, as while the source code itself may be used as collateral in an escrow deposit, there are also considerations like licensing (i.e. does the owner of the software have a separate license agreement covering their work? //Do they themselves license any software as part of their offering?//) and intellectual property (are any patents in force covering the work that would make the escrow software difficult or impossible to retrieve and use).
Iif one is considering use of a source code escrow to protect investments, it might be a good idea to speak with an attorney familiar with software licensing and I.P.
This can happen in a startup company setting where one or more client(s) want, essentially, collateral against a software startup going belly up. For software startups, the source code IS the commodity, so this ends up being copied and put in escrow to protect clients from such a worst case scenario. If the startups goes boom, then the clients may be able to salvage their business investment by hiring someone to retrieve the software from escrow and operate/enhance/maintain it.
I have had experience using Iron Mountain as an holder of software in escrow.
One needs to be careful, though, as while the source code itself may be used as collateral in an escrow deposit, there are also considerations like licensing (i.e. does the owner of the software have a separate license agreement covering their work? //Do they themselves license any software as part of their offering?//) and intellectual property (are any patents in force covering the work that would make the escrow software difficult or impossible to retrieve and use).
Iif one is considering use of a source code escrow to protect investments, it might be a good idea to speak with an attorney familiar with software licensing and I.P.
a reply to: Flyingclaydisk
Ah FCD already mentioned most of the pitfalls of licensing and I.P. before me
Yeah, TL;DR if you need involvement of a source code escrow, enlist the help of a lawyer to ensure you've CYA.
Ah FCD already mentioned most of the pitfalls of licensing and I.P. before me
Yeah, TL;DR if you need involvement of a source code escrow, enlist the help of a lawyer to ensure you've CYA.
new topics
-
I hate dreaming
Rant: 10 minutes ago -
Is the origin for the Eye of Horus the pineal gland?
General Conspiracies: 1 hours ago -
Man sets himself on fire outside Donald Trump trial
Mainstream News: 2 hours ago -
Biden says little kids flip him the bird all the time.
2024 Elections: 2 hours ago -
The Democrats Take Control the House - Look what happened while you were sleeping
US Political Madness: 2 hours ago -
Sheetz facing racial discrimination lawsuit for considering criminal history in hiring
Social Issues and Civil Unrest: 2 hours ago -
In an Historic First, In N Out Burger Permanently Closes a Location
Mainstream News: 4 hours ago -
MH370 Again....
Disaster Conspiracies: 5 hours ago -
Are you ready for the return of Jesus Christ? Have you been cleansed by His blood?
Religion, Faith, And Theology: 7 hours ago -
Chronological time line of open source information
History: 8 hours ago
top topics
-
In an Historic First, In N Out Burger Permanently Closes a Location
Mainstream News: 4 hours ago, 14 flags -
The Democrats Take Control the House - Look what happened while you were sleeping
US Political Madness: 2 hours ago, 9 flags -
Thousands Of Young Ukrainian Men Trying To Flee The Country To Avoid Conscription And The War
Other Current Events: 15 hours ago, 8 flags -
A man of the people
Medical Issues & Conspiracies: 10 hours ago, 8 flags -
Man sets himself on fire outside Donald Trump trial
Mainstream News: 2 hours ago, 7 flags -
Biden says little kids flip him the bird all the time.
2024 Elections: 2 hours ago, 6 flags -
4 plans of US elites to defeat Russia
New World Order: 11 hours ago, 4 flags -
Are you ready for the return of Jesus Christ? Have you been cleansed by His blood?
Religion, Faith, And Theology: 7 hours ago, 3 flags -
Is the origin for the Eye of Horus the pineal gland?
General Conspiracies: 1 hours ago, 3 flags -
Sheetz facing racial discrimination lawsuit for considering criminal history in hiring
Social Issues and Civil Unrest: 2 hours ago, 3 flags
active topics
-
12 jurors selected in Trump criminal trial
US Political Madness • 88 • : FlyersFan -
Is the origin for the Eye of Horus the pineal gland?
General Conspiracies • 4 • : JoelSnape -
Man sets himself on fire outside Donald Trump trial
Mainstream News • 18 • : nugget1 -
Biden says little kids flip him the bird all the time.
2024 Elections • 9 • : FlyersFan -
Fossils in Greece Suggest Human Ancestors Evolved in Europe, Not Africa
Origins and Creationism • 72 • : Xtrozero -
I hate dreaming
Rant • 0 • : FlyersFan -
MH370 Again....
Disaster Conspiracies • 8 • : Lazy88 -
Do we live in a simulation similar to The Matrix 1999?
ATS Skunk Works • 27 • : purplemer -
Thousands Of Young Ukrainian Men Trying To Flee The Country To Avoid Conscription And The War
Other Current Events • 27 • : Xtrozero -
911 emergency lines are DOWN across multiple states
Breaking Alternative News • 8 • : nugget1
3