Software For Ransom

rbp writes "I just received a message from Adam Theo on the Jabber Developers Mailing List about what he calls "The Ransom Model" for software publishing. The principle, according to the above linked site, is that the "rights to the source code remain restricted until a set amount of money is collected or a set date passes, at which point the code is freed". Seems like a very interesting way to make money and produce free software. I think it's worth discussion. Take a look at the Ransom Model webpage and join the Ransom mailing list! (You might also be interested in recent news about Blender)" Reader Apreche adds a link to a Freshmeat editorial piece which draws on Theo's idea, writing "This has some obvious problems, but it is worth discussing. The biggest problem I see is where vaporware fits into the equation."

anyone seen trigger happy tv?

i've got the money. please just don't hurt her!

oh, sorry, thought you were someone else.

Ransom is such a negative word

They could atleast pick a word that doesn't carry so many negative associations if they wish for people to discuss it openly and fairly.

Anyway, a third party should step up to act as a broker and hold the money until the software is ready. It'll help protect both sides.

Eh, maybe its appropriate...

Coming form a perspective of people believing that software should be free, the ransom name seems apt. In contrast, I suppose Microsoft would be using the slavery model :).

As for a third party, is it really that important? I mean, they develop the software, you buy it. If at some point they don't make their commitment to release it to the world, then you just stop buying it from them. If you can't afford to take the risk of changing away from it later, then don't buy into ransom software.

Re:Eh, maybe its appropriate...

Well, it'd probably be in the EULA that the company *must* release the source after x dollars have been made. Otherwise people wouldn't really believe it. If you paid and the company doesn't release the source when specified, then you can sue.

Re:Ransom is such a negative word

Others have brought up the negative connotations about the name, but far more have liked it. I personally like the name because it makes people stop and look, and because it is so bold it actually comes off as being a bit goofy of a name. Also, it very appropriately describes the entire process in one simple word. How many other projects can claim that? :-)

Besides, end users are not likely to ever see the term "Ransom". I expect this model will mostly be seen and used by the developers and their sponsors, investors, and distributors/resellers (to use those terms loosely).

Re:Ransom is such a negative word

When the source code is released, will it come in the mail with no return address and spelled out in individual letters clipped from the newspaper? If so, where are they going to find enough semicolons?

I"'m gonna do it!...

I'm gonna blow away the code!"

"No, man. You do *not* want to take this to the next level..."

I think we're forgetting something

Rights to the source code remain restricted until a set amount of money is collected or a set date passes, at which point the code is freed.

What happened to the "more eyes = better code" paradigm that so many Slashdotters and Open-/Free- Source gurus so frequently praise.

Listen, people -- if these new, deviant "random" coders start projects with expiration ("freed code") dates of 10 years down the road, no one will ever learn, improve, or assist innovation in the realm of software engineering. We will simply end up with thousands of under-funded vapourware applications, which in turn will stifle innovation for years to come when one considers all that *could have* been produced in the same amount of time with a more reasonable development model, such as Microsoft's Shared Source or ESR's Open Source.

Re:I think we're forgetting something

The code could still be public, but not "open," allowing more eyes, and even suggestions, but not permitting someone else to use the code without permission.

Re:I think we're forgetting something

I usually go with a GPL license from the start and offer companies the option of an alternative license that'd allow them to distribute without releases of their own changes. I've considered the idea of switching to a 'ransom' model where customers get a tempory license allowing them to distribute without releasing code and after I got $xxxx.xx back to pay for the development costs dual license the code as GPL/BSD. So far I've resisted such a model though because I dislike the BSD license in general. I'd rather keep control over all exceptions to the GPL.

I was going to do ransom on per-version basis though. Each new release would have to be paid for again (just the costs of that release) if they wanted to be able to base their software off the newest code base.

Street Performer Protocol

Actually, it has been thought of before [counterpane.com], in the form of the Street Performer Protocol. Granted, the SPP as written assumes that it's going to be applied to textual works, but it doesn't seem like a great leap to apply it to the programming world.

still not good as good as opensource

The code/design that is reviewed and critiqued from the start is always better than the code that is the critiqued after the implementation. Again with the Ransome model, the design will not be as good as the opensource design model. http://docbook.sc-icc.org [sc-icc.org]

Well it looks ok on paper

The problem with this whole situation is this IMHO... first of all, this will cause people to (a) pirate what used to be free source anyways. (b) cause people like me to wait out the time limit so that i will always be two steps behind what is current unless we will fork out ca$h, (not bloody likely) (c) cause the free source community to stop doing it for the reason they started in the first place... Its a hobby, they enjoy it, and they want to make the computing world a better place. I am not trying to be flaimbait, but if i have to pay for *nux, or any software really, I would just stick with microsoft, due to the full featured compatibily and mainstream acceptance. Granted *nux is more robust, and far more efficient. Overall I am more inclined to do things by my pocketbook.

The ramson model has one problem ...

If you expect the ransom will be relatively "cheap", and they promise it to be ransomised in the future you may start using it now. And as many people use it, they have more and more incentive to increase the ransom.

At some point you may either find the ransom is not what you expected (and way off the hooks) or that you have been left locked into a 100% propietary solution and have a huge cost to move to another one. Also, the "other" solution may not be arround, because everyone was using this "good looking" ransom app.

duh.

The problem that Ransom solves is that many open source developers work very hard on their software projects, and usually end up giving their work away, due to the nature of open source
That nature being what? A lot of OSS developers do it in their free time, of their own free will and with their own resources. In a perfect world, yeah they would get paid, but holding the code until they get paid? Doesn't seem like the best way to go about it. What if their code sucks? No one will use it and they won't get paid. What if it is a cool app? Still no guarantee they are gonna get paid. Why would I throw money in their direction, in the hopes that the code gets released? What if it never does? What if they never hit their magic number? Can I get a refund? The cool thing about OSS is that the cool apps seem to rise to the top, people become interested and contribute their free time, thus enhancing the project. Money Grubbing doesn't enter into it as much. Why would anyone help out on a project where the code may never get released? I say ransom blows.

Money pit?

Alright, so what happens when you "donate" to one of these projects? You give money, and if enough other people think it's worth their money, you get the software. Doesn't this mean that unless you're willing to finance the project in whole, there's no guarantee that you'll ever see the software? While I can see a good number of people supporting ransomed software out of good will, I can't see it working as a real business model, as people generally want some reassurance that they'll receive that for which they've paid.

It's just a new way to do step 2

1: Write Code
2: ???
3: Profit!

Two Questions...

Forgive me if I'm being obtuse but... (I know it's a great way to start a post)

How does this affect me, a person who enjoys using Linux/Open Source applications, but have no need to modify them...I just install the binaries and run (yes, I do pay/support when asked)

Secondly, what's to stop some "evil corporation" from buying the rights to the software while it's still in the "Ransom" phase, and then "resetting" the expiry date, or the new Ransom amount?

I can just see it now..

Gangsta code brokers..

"Ya see Jimmy, ya gets the .c files now, half now, half later... thens ya gets the .h files and the configure script.. donts be trying anything funny eh Jimmy?"

Heh..

Wasn't this a Mel Gibson movie?

"Give me back my code!"

Slashdotted...Here's the text

"Ransom is a software publishing model where the rights to the source code remain restricted until a set amount of money is collected or a set date passes, at which point the code is freed".
This model is fair, legally sound, practical, and easy to understand. In the Ransom model, the programmers are paid by the simple demand and quality of their work, not by selling copies of their work by creating artificial supply restrictions.

The problem that Ransom solves is that many open source developers work very hard on their software projects, and usually end up giving their work away, due to the nature of open source. I firmly believe that their social-mindedness and generosity do not qualify as reasons why they shouldn't be fairly compensated for their work. It is impossible to ensure payments through closed source software use, so the rules of publishing the software in the first place need to be changed.

Current models do not work since they are not fair to all parties. Purely "closed source" softwares not only severely restrict the user's abilities and freedoms, but also ignore the laws of value by ignoring software's ability for unlimited supply using a simple 'copy' command. Purely open source software removes any chance of reliable income from the programmer and leaves them to the whims of gifts and benefactors. Neither of these are acceptable.

Details: In short, Authors (the programmers of the software) first publish their work under a Ransom License (a special proprietary license). There exists the stipulation that the code will be automatically freed to a set Open Source License ([OSI]/[FSF]-approved or the public domain) once a set amount of funds have been collected from Contributors (satisfied users, grateful corporate customers, or distributors/resellers) or a set amount of time passes, whichever comes first. You can read details of the complete step-by-step process.

The public gets completely open source software, and the programmers are fairly compensated for the real work they do, not the amount of "copies" they sell. Public interests are protected by legally-binding guarantees and oversight organizations. You can read details of all features and considerations.

Issues: The current issues being discussed are:

The list of Ransom Licenses (such as: /Simple).
The list of Free Licenses.
Whether Ransom should allow authors to completely hoard their source code until the full Ransom amount has been paid, not even selling restricted copies.
Discussion: All discussion of Ransom occurs on the Ransom mailing list, to which you can [subscribe, unsubscribe, or manage]. The list is not moderated, but you must subscribe to post. You can also [read and search the archives] of the mailing list.

Background: This project began as an idea from a friend, Eric Murphy, on how to finance a digital identity system (which has now grown into [PingID]). I took the idea and posted to [Crynwr's Free Software Business list] about it. This project is the final realization on how to achieve financial compensation for producing open & free software.

---

This is a valid model, used by Blender amongst other projects. However, I think the use of the term 'Ransom' creates a rather negative perception - do you really want an open source model associated with kidnapping? -- RichardDonkin

Perhaps a better name would be: 'Appreciation Model' or 'Threshold Model'. -- PipStuart

Interesting, but not new...

Check for example Kelsey and Schneier's "Street Performer Protocol", published a couple years back in First Monday:

The Street Performer Protocol and Digital Copyrights [firstmonday.dk]

There the idea is that the "author" promises to deliver his "work" (a novel, software, anything), as soon as he receives a certain amount of donations. Stephen King actually tried to publish a book like that, chapter by chapter, a few years ago, but I think he concluded that the time wasn't right for it yet.

King did it wrong

If King had said "I need $10k for the next chapter." he'd have been fine. By saying "x% of you need to pay" he was doomed to failure.

If I downloaded at home and work, then I screwed his calculations. If people downloaded 20 copies to screw with the system, they succeeded.

If a writer just decided what the market is worth for the story/novel and asks for it, then they're being fair and the system is more likely to work.

Re:King did it wrong

A better way that is known to work is serial publication in a magazine or newspaper. I am reminded of this because I was watching "History's Mysteries" the other night and they were talking about original manuscript pages from Uncle Tom's Cabin which was published serially in a newspaper. IIRC, a number of other famous American works were originally published in this manner and went on to do well.

In the 19th century it worked because newspapers were widely read, and it was unlikely that someone would go through the trouble to clip the stories and bind them to make a personal "book". Those who didn't get the paper heard word-of-mouth from people who had, and got the book when it came out.

I'm not sure how this could work on the web, because the works can be copied so readily now. Reading things on the screen is a pain, so people might not read the whole novel, and even if they did read it they'd send their friends the link, not a recommendation to buy it.

Things get more interesting when you have easy-reading screens. Combine that with exclusive distribution through one subscriber service, and you duplicate the 19th century serial publishing model.

Trouble is, the author still has to cut a deal with the publisher. So... this doesn't really compare with King's experiment which was direct to the customer. Also, King is King. Joe B. Hacker is "nobody" so even if he writes great fiction, how will he get people's attention?

mod parent up

A while ago, a friend of mine asked me how he could apply a sound economic model to the distribution of digital (a.k.a. easily reproducible) media. He wanted a system that fully accepted the near-uselessness of DRM technology. I told him about the "Street Performer Protocol".

This is the only model that makes sense to me in that it is clear, well-defined, and simple, yet complete. As the world "gets smaller", the information (knowledge) economy seems to be converging on a sort of minimum -- where the moment a piece of private information becomes public, it becomes public with a capital P (anyone who wants it will get it whether you like it or not). Digital technology allows the game of telephone to be played ad infinitum, and the message at the end of the line is the same as it was at the beginning. Sure, we can try to stretch the Copyright and Patent laws to fight this, but isn't the more intelligent solution to adapt to the new environment in a profitable way?

I have heard economists argue that "secrets" will become the most profitable asset in the information economy (as if they aren't already). This certainly applies to international politics and military affairs already.

In any case, it seems to me that SPP is in sync with all of this. And of course it applies to source code! I think that distributed development deserves a distributed payment system, based on SPP or something like it...

As for practicality, please note that SPP is not new or untested. Public Radio & Television, for example, has been doing it for decades: "We'll give you a quality stream of news/entertainment if and only if you pay us $X by date Y". And guess what -- it works. The government backs out of more of its commitment to funding public media each year, and yet the industry is here.

Probably the name is the worst part of the whole idea. I thought SPP was bad, but "Ransom" -- that's near idiotic -- the kind of name that makes great soundbites for the RIAA. Yeah, "Ransom" sucks. The idea of SPP is great though -- I just wonder why more folks aren't on the bandwagon yet?

BTW, the whole Stephen King experiment is an awful example of this, since there are so many external contributing factors. A fair first experiment with this concept would use a medium that is commonly distributed in digital format. While people do read from computer screens frequently, they do not tend to read novels on the computer. A more fair test would be in the distribution of music, software applications, software documentation, digital images, etc.

OK -- rant done.

Not a completely original idea

Nullsoft did something like that a few years ago -- Winamp used to be shareware. Then, at version 2.50 [winamp.com], Nullsoft thanked all those who purchased it, and turned Winamp into freeware.

Caldera should try this method

They'd definitely be feelin' the Ransom love.

A bunch of issues

I got a bunch of problems with this model. I'll mention them. Feel free to disagree.

I'm assuming that the binary must be free and freely distributable, otherwise, who would ever know about this project, and who, then, would donate money towards it. (Or, of course, this could have already been a commercial product that was not freely distributable, but that has a wide following.)

1) If a user does not care about every seeing the source code, he has no reason to pay for it, because again, he already has an unlimited right to use it as much as he wants.

2) Even if a user would like to see the source, he knows that it will one day be released, regardless of making a donation.

3) Even if a user would like to see the source as soon as possible, unless he can afford the entire ransom amount, he has no reason to believe that his donation will make the source released earlier: either not enough other people donate, so his donation is meaningless, or more than enough have donated, in which case his donation is unnecessary. (Do a google search on Kitty Genovese to see what I'm talking about).

Anyway, it doesn't seem like there is any reason for someone to donate, except for the same reasons they donate to OSS projects now. In fact, people might donate less, because nobody likes to pay "ransom" for anything.

Donation fraud, reputation

There have been a few expressions of concern about vaporware. The solution to this is simple. What is held for ransom is the source code, but a working executable could be released, sufficient to demonstrate that the programmer really has written the program in question. There would still be an incentive to pay the ransom. An executable isn't as valuable to the average user as a program whose source has been released, because with the latter, it's possible to get peer review, upgrades and modifications, etc.

The server was slashdotted before I could read more than the front page (see Google cache [216.239.39.100]), so I missed the "step-by-step process" description.

People have mentioned concerns about sky-high ransoms, but the free market will vote with its feet so that doesn't worry me. Likewise, the problem of a programmer who raises the ransom after the initial announcement will be solved because people will get disgusted and won't pay.

But there's a problem of fraud. Joe Programmer wrote Foo Program and I've donated ten bucks to have the source released. But I don't know if Joe counted my ten bucks toward the ransom, or simply pocketed it. If I'm patient and trusting, I can wait for market forces and reputation to filter out the programmers who pocket donations.

But Joe can do better by posting a list of donations. For donors who prefer to be anonymous, he assigns them a number and emails a copy of the number to them, so they can verify that their donations have been counted. Anybody can grab a snapshot of the donation list and throw it in a spreadsheet to verify the current tally.

Anybody whose donation was ignored can gripe in some suitable forum (Slashdot, Usenet, wherever) and if there are enough gripes that don't look like kooks, Joe's reputation will suffer.

This is bad (several reasons)

1. people should not start software projects to make money. It's good if you can make money off software, but software written not because you enjoy it or you need this particular problem solved usually sucks.

2. typical free software projects need external help the most in the very beginning. Most projects fail before the first working prototype is finished. Because of that, I won'd be contributing to ransom software; I can't even be sure that the software will be released as free software because I have no way to know how much money will be donated.

3. accountability. How do you know the author will not lie to you about how much money he made so far?

4. disincentive to cheat. If the author survival depends on this, he has an incentive to let you pay through your nose for updates and upgrades and new features, and you will probably hire him because nobody else knows the source code like him so he can be faster than others.

In my experience, free software projects work best if they are a) not paid for at all (you do it in your spare time) or b) they are paid for by one company who really needs this problem solved but you are allowed to release the software as GPL, too.

Even better: c) you start the project as GPL but get your work funded by some company who needs the problem solved. Many of my projects are category c) and it's really in the best interest of you (because you get the money and you get to write free software), the company (they get their problem solved and they get the source code and random people off the net will help them improve their software for free), and the world (because the world gets new free software as part of the creative commons world heritage). In contrast to the street performer protocol this is actually known to work in practice ;)

A trusted third party

If this solution were to be implemented, it would only work if there was a 3rd party that could be trusted by all sides of the deal. The 3rd party would 'release' the software when the conditions of the agreement were met, and would certify that the software performs to the specifications made public.

Otherwise the scheme would tend to generate mistrust on the public's side of the equation. Perhaps someone like the EFF or the GNU people could hold the rights in escrow until the appointed date/cash level is reached.

Personally I prefer that we could all just trust each other to be reasonable.

Will the eula...

be written by pasting different sized letters cut out from a newspaper onto typing paper?

Seems dumb

This model seems stupid to me.

1. Software is released under a 'Ransom' license.
2. People don't buy the software, waiting for it to become free once x others have bought it.
3. No one buys the software.
4. The software never becomes free, and no one uses it.

It's wholly unfair that some people get to use it for free whilst others pay for it. Opensource developers SHOULD code apps because they like doing so, and because they're useful, and they should make their wages doing maintainance/individual projects for companies.

Re:open source software eats programmer jobs

I just want to point out that Ransom is not likely to work for people who would otherwise be able to purely open source the project. If a project is so easily done as an open source project, then a competing (fully open source) project will come along and take away the Ransomed project's users. Ransom will work best in areas where traditional (is open source old enough to have a "traditional" label???) open source can't work very easily, areas where the proprietary, corporate developers still rule.