"Will Mailbox be open-sourced?
Unfortunately not. We gave a lot of thought to open-sourcing the underlying system, but this is ultimately not something we will support."
Let Ca be the cost of that lost advantage,
Let Cb be the value of good will from the open source community
In what case is Cb bigger than (Pa * Ca)?
It's an email app. It talks IMAP^H^H^H^Hto Gmail. It runs on iOS. How many secret, commercially important techniques do you really suppose it contains?
For a site which supposedly hosting an audience of entrepreneurs and engineers -- people who understand that the value of a thing can be multi-faceted and not always obvious, or that the difficult of any job is easy to underestimate, and that to convince someone to do something you have to appeal to their incentives/concerns rather than your ideals -- the entire argument in favor of opening this app is built on pedantry and baseless assumptions.
Yes - if you make a HTTP call from an app, it can be trivially sniffed. Sniffing HTTP is the first thing a third party trying to discover that undocumented API would do, and you don't need source code for that at all. (This is also why you must always sanitize data coming in from a user's device, even if it's from your own app.)
You can make the argument that there would be a time cost cleaning up the internal calls that will no longer work once the servers are turned off. Sure, but: 1) there are no secrets that would give competitors a new advantage, and 2) if you don't have that time, just chuck the code over the fence and see what happens - worst is that no one uses it, which will be the case with closed code anyway.
Your point #1 is totally unjustified: you don't know what you could learn by e.g. looking at a data structure used internally. #2 shows that you are unable to answer the question of which of Dropbox's incentives are satisfied by doing this.
My point was just that any API over HTTP that's used by a consumer app is not private or internal. It is a public API with unfriendly documentation.
(Note that when I say "unfriendly documentation," I'm not even talking about sniffing. Most consumer apps can be decompiled by non-experts, and then the text-based API calls would be readable.)
First off, if you're open sourcing your codebase because you're getting out of a particular market, you have to ask whether revealing techniques and strategies to competitors in that market is really an issue. After all, if those techniques and strategies had given you a competitive advantage, you probably wouldn't be having this discussion.
Second: If you really are concerned about that, just use the GPL.
My point was to challenge open source cheerleaders to actually give a reason beyond their own gain for why a company should do this. Instead, we have blithe dismissals and narrowly constructed hypotheticals built on optimistic assumptions.
I'm sorry, but what? Your whole initial argument is a narrow hypothetical "they will see our secrets" with no theory of what those secrets might actually be - what exactly do you expect in return? I gave you an answer based on your formula, and a follow-up comment afterward. Can you expand what about my answer was built on optimistic assumptions, in a way that your initial theory was not?
There are no private APIs nor secret data structures in software that you've distributed to users. It can all be decompiled and sniffed. "Oh but the competitors will see my code" is basically FUD. How many times has YC told us it's all about the execution, not the technology?
You, however, are asking everyone to assume that it's totally safe to reveal any/all source code.
> There are no private APIs nor secret data structures in software that you've distributed to users.
That's fine. What about the code that lives on your servers and supports the client?
Unless open source is part of your marketing strategy (which means the effort would have a budget), it's really difficult to open source an existing commercial application.
Nobody asked them to support it, or whatever. Just dump the damn thing online so others can pick up and continue to "help fight your inbox to zero".
Clearly their intention here was profits and since they didn't see any - they kill it off. They won't do it so nobody else should try to safe email either.
I wanted to get my company (over 3,000 users) off DropBox long time ago after each update comes with new issues. But this just broke camel's back. I will make the switch happen this weekend.
Um, of course their intentions were profit? Dropbox is a for-profit company, nobody ever questioned their intentions as being anything else.
And it's not pure speculation; I've worked on enough internally-developed products to know it's not always feasible to open source an entire service offering after the fact. It's expensive enough to do between code scrubbing, legal reviews, etc. that you're generally only going to do it for strategic reasons (i.e. you know you can never make money doing it but want to commoditize the market space to hamper a competitor's growth, you want the community to help support your infrastructure, or your business model is open source + support).
Whereas your post is speculation on yours.
"Nobody asked them to support it"
At the same time, if they do open source it, people are going to see that it was once Dropbox, and any issues they see with it are going to be seen as the fault of Dropbox.
"Just dump the damn thing online"
Far more work than it sounds like.
"Clearly their intention here was profits"
They are a company with bills to pay and engineers to pay, right?
"They won't do it so nobody else should try to safe email either."
I don't see them going around and killing other people's email clients.