I've always been a strong advocate of Open Source technologies. I also tend to use proprietary technologies in very last resort, when no other decent alternative exists.

This morning hell broke lose and like a self fulfilling prophecy, my main argument against closed source technologies materialized itself as a bug in one of my biggest project.

Because of the N.D.A. I can't tell much about this project, however I can tell you that it involve browser persistent connection with a home brew socket server. We needed to have live interface/server communication.

At development time, there wasn't any official standard way to achieve this. The easiest way to achieve this was to use a generic Flash object and open it's socket API to JavaScript. So I used the only JavaScript library I found at that time, XMLSocket.

From then all went well. The project was quickly finished and the interface was blazing fast. Using sockets instead of Ajax was day and night in term of speed and I had no memory leaks problems, one thing I had in my first attempt, when I tried to use Ajax polling (the interface is running 24/24, 7/7, non-stop).

This morning I got a call.. one of the interfaces could not connect to the socket server anymore.

At first it made no sense, all other clients could. So I tried remotely, sure enough, it did not work.

After some digging, I quickly spotted something wrong in our socket server's logs.

09:02:09 | Server | Receiving data: '<policy-file-request/>'

I don't recall what exactly was supposed to be there, but I knew that "<policy-file-request/>" was not the expected response.

After some Googling, my partner quickly found an interesting forum thread.

It turns out that our client decided to update its Flash Player, which seems a sensible thing to do. Why not install a better, improved, bug fixed version of something ? If it's new it's better isn't it ?

Except that this update caused all my problems. Don't get me wrong, I know software updates can lead to unforeseen complications and compatibility problems, that's the software development game.

But this is precisely why I hate to use proprietary softwares. In my world, in Open Source world, I would just say "oh, okay" then sudo-apt get an older version of the software and stick to it until I update my software, the story would end there.

In closed source softwares you are literally an hostage of the company who created the software, if they decide to break backward compatibility of their API and not provide older version of their software, you're on your own.

Go to adobe.com and try to find the download links of older Flash players, good luck.

I was left with only two solution.

• Reverse engineer XMLSocket, a one line of obfuscated JavaScript, and try to fix it.
• Find and download an older Flash Player version from an untrusted source

Obviously, I reluctantly chose the latter.

It's also interesting to note that most serious Open Source projects use a very strict versioning policy. Such API change would probably never have occurred in a minor software revision. The Flash Player policy change was introduced after 9.0.47, as a simple bug fix. So I can expect that any updates of this software are prone to break my application.

In Open Source I know that if a software goes from version 9.0.47 to 9.0.48, or even to 9.1.0, there is most likely no big API changes, only bug fixes and small improvements.

In other word, it's backward compatible and it won't break my application.

The only closed source software on which my application relies is until now my biggest source of hair loss.