*chews on this*
Can you give an example? Is it like Firefox with all its add-ons?
(Sorry if these are stupid questions, I just try to understand and imagine what this debate is about.)

How many corporate server-side applications did you write? I wrote two. It would be far easier to build an entirely new application than to guess what's gog doing server-side.

I'm sorry, but all I see is you speaking from position of ignorance. Do you really believe that closed-source can't be abused? Of course it can. And such abuses and injections then can't be fixed properly and on time, because there's only limited amount of developers tending to such problems. Basically, troughout this entire thread, I have still not seen a well-informed argument opposing open-source approach, just good old "I fear what I don't understand"

All right, FireFox. There's an application called Pale Moon - it keeps most of the FireFoxe's source code and is directly compatible with FF's addons, but is backed by a slightly different design philosophy, improving upon several aspects of the browser. That would be JMich's aplication with hookers and blackjack.

Ah! Thank you! Now I can imagine what this is about!

Wouldn't the fact that my GOG client can communicate with my friend's GOG client via the chat function be a problem security-wise?
I could imagine somebody writing a modification that sends data to my computer using this connection, you know like "evil" data. ;-)

Edit: If all these questions are getting on your nerves or if you don't have time, just tell me, OK?

Open source the API? When the client is still at early phase, it's not even being implemented yet. But not really surprising coming from a Linux user, they're always paranoid. I voted no, the keyword here is "control".

No, not really. What you need to understand that all community-made changes would be freely accessible, just as the GOG's code would. If someone made nefarious changes, they would get uncovered and caught very quickly - that's why all the commonly used open-source communication clients are very secure. Not in spite of the fact that a lot of people are working on them, but because of it.

Technically, there's nothing preventing a single person to write code which would send your data directly to his database, that's why it would be important to only use versions maintained by people you trust - but that applies to any software you're using.

I'm loving your questions. You're trying to understand the issue as opposed to condemning it for the sake of condemning it.

Hmmhmm. OK. Thank you again!

Practice shows otherwise. It's easier to open the project from the start than opening it up way later along the road especially if open sourcing wasn't taken in consideration and the project accumulated various roadblocks like non free third party code and so on which might prevent it from opening up altogether.
You sound clueless about software development. Protocols are opened before they are finalized if parties are interested in feedback and input. See IETF. Of course GOG doesn't try to create another Internet standard, but no one is asking them to open the API and protocol before they finish its design. Voting no has no useful meaning here.

You don't really "open source" an API. An API is basically the public interface to execute your implementation. Let's use Python as an example. The Python library has a large chunk of documented functions and classes. It also has an even larger chunk of internal code, which you can easily access as well. The stipulation is that usage of the private interfaces, which are internal to the workings of Python, opens you up to using functionality that can break in future releases. Believe me, it's a danger I'm all too familiar with.

If Galaxy comes with a documented API, GOG is providing a technical contract to other developers that if you call this function, with these parameters, Galaxy will do this. In other words, an SDK.

Not really and SDK (this implies some development tools - "Software Development Kit"), but the protocol. I.e. interface of data exchange between the client and the server that GOG are going to run.

For some reason the term API (application programming interface) caught up as a term for various high level Web protocols (which usually use XML or JSON and so on). It's not really the most descriptive term for it.

See https://en.wikipedia.org/wiki/Web_API

I just read through the thread. All this arguing is tiresome. As I have not been convinced otherwise, I am all for GOG making Galaxy open source and documenting the protocol and API. Please, GOG, make it so.

They can also do that by making suggestions and testing them as there added... works both ways.

I never disagreed with that, I just don't see the point in leaving the lock off the door and letting the robber rob you... sure that lock can be broken but at-least it slows them down. At-least GOG would have time fix these vulnerabilities as there found... rather than having so many being found at one time, which is likely if they made Galaxy open source this early on.


Because they can steal the client's code itself and release there own version using GOG's code tied to there own servers...for whatever purpose, could be gaming... could be something else. Happens everyday, to a lot of companies... why make it easier for them?

I use open sourced software all the time, I love it... I just understand that open source isn't for everything... and for something's... in case of a client that's tied to a big company like GOG... closed software works better, and your better off for now allowing people to tinker with it.

Open source allows copying by design. It's not called "stealing code". Whats wrong with it? It doesn't affect GOG in any way, besides may be others blaming the source if GOG didn't produce a quality code to begin with. Closed source doesn't work better here in any possible way. "For whatever purpose" sounds like baseless paranoia. GOG doesn't sell the client. GOG sell their service.

Open source can be indeed hard to apply to everything. Good example are artistic assets of the games. Making them open makes hard for developers to sell them. Still, they can use open engines, while keeping the artistic parts of the game private. And even with all that, some still manage to make fully open games.

However all this doesn't apply to such things like the updater client. It perfectly fits to be open from the start.

GOG doesn't sell there client, but GOG has put a lot of the work in the client... work that any rational company would protect and not allow another company/person/competitor use to make money off of or use in a way that it wasn't designed for. How many big companies do open source? I'm sure you can find some, but no many unless they were founded on being open source. It's fine to like open source software, hell even want open source software... but take of the rose colored glasses.

Let's just agree to disagree, GOG will to what they think is best... regardless of us. :)

May be try reading more about how companies work with open source. They collaborate. Collaborative effort can save them time and tons of money. It can enable what wouldn't be even possible if not for the combined effort.

Examples: http://collabprojects.linuxfoundation.org

Regular closed source thinking goes like yours. But practice disproves it in many cases. Open source doesn't require one to neglect objective goals and obstacles.

Oh, sorry. Fans can make additions when they're needed, not 5 years down the line :-P

It's not... Uh, look: I will continue this debate when you show at least basic understanding of the issue, all right? This example makes it clear you have no clue what you're talking about. Hint: Information on how locks work is freely availible.

First of all, as I have said multiple times in my previous posts and I'm really, really tired of repeating it: If all GOG makes availible open sourced is their client, it'll be utterly useless to anyone else trying to use it without the server portion. Reverse engineering the entire server side by what basically amounts to guesswork is not an easy job. Which you'd know if you've had at least minor understanding of the issue.

Second: What shmerl said. Any programmer will tell you that free flow of information makes their jobs helluvalot easier. What you also don't seem to quite comprehend is that if GOG manages to significantly contribute to open source community, they will get a lot of outside help. If they don't, they don't need to worry about source code theft.

I'm quite sorry for sounding arrogant in my post, it's quite difficult for me to help doing so - your posts show only extremely superficial understanding of the issue, and the very damaging 'Collaboration is bad' attitude.

Not to mention that open sourcing software doesn't actually take any control away from whoever is developing application. If I hear the 'Open source = free!' thing again I'm going to start shooting people.

Edit: Oh right, and I'm not a Linux user and I am working on closed-sourced, commerial applications every day.