Hi everyone,
I have a question about the licensing of the applications that I develop for the beaglebone, since it is open sw/hw, should the applications that I develop on it also be open source?
Kind regards
It doesn’t have to be, but that will depend on any libraries you link against.
Hi @benedict.hewson
Thanks for your answer, I suppose there will be libraries that are licensed or that are not distributable.
One more question, a little related to the main topic, do you have any idea which is the best way to secure source code in BB?
Kind regards
All of the libraries on the BB /Linux can be distributed or they would not be on there.
I am not an expert on such matters and a lot will depend on what you are doing and modifying. If you modify any of the GPL’d software then under the license you need to make the source available. If you are using the standard BB image then you probably don’t.
I am assuming here that you are using Linux on the BB board. If you are going bare metal then things are a little different, but not much.
The other thing to bare in mind is if there is any code under the GPLV3 license where you may run afoul of the anti-tivoisation clause if you try to lock down the board to prevent updates/tampering.
Which leads onto your second question.
I would just assume that you can not secure any code you install onto the BB and sell on to others if that is your goal.
Given that all of the boards allow you to boot from an sd-card plugged into them, there is nothing to stop someone booting there own Linux from SD and then mounting the eMMC to read the contents whether it is a standard Linux or just some bare metal code.
You could maybe modify the board, remove components and such to try and prevent this, but anything you remove could be replaced.
There are other things you can try. Assuming some sort of cloud based authentication is not workable, you could try some sort of hardware dongle on a custom cape.
However history has clearly shown that any attempt at DRM of one sort or another fails eventually. This might be good enough for your product. It depends on how much you are selling it for and the demand as to whether someone will go to the effort of by-passing any lock you add.
Requiring a custom cape for functionality (not just a dongle) will stop the casual software copying, as the software alone will do nothing. But this depends on what you are doing and may not be an option.
For best security you should not use the BB boards, but your own custom design. You will need a processor with some form of secure boot. I don’t think the standard BB boards have this (could be wrong). The MPU used on the AI-64 does have a secure boot variant, but I don’t believe this is used for the AI-64. Securing any device must start at power on.
There will be a trade off in terms and cost and time for the security you add.
Even if you protect your product 100%, if what you are doing is valuable enough, there is not much to stop someone from duplicating the functionality in another product, especially if you are basing it on open hardware. There are literally millions of programmers around the world, and no matter what software you write, its functionality can be replicated if there is a demand and there i money to be made doing so.
1 Like
Hi @benedict.hewson,
I am very grateful for your answer, it has become very clear to me and according to this, I will not have any problem with the license section, since I am using the standard BB image and also my development does not imply modifications.
I agree with you, at the moment that I provide the client with the hardware, nothing will stop him from extracting what he has or even cloning it. I will evaluate the best way, taking into account a secure boot, I appreciate your support.
Kind regards