Re: Python obfuscation

Alex Martelli wrote:
> Anand S Bisen <vmlinuz@xxxxxxxxxx> wrote:
>
> > I dont know much !! But if somebody asks me this question my answer
> > would be to convert some of the meat inside my programs to C/C++ and
> > then provide the interface to those novel ideas to Python using swig.
> > And for another level of protection maybe use these offuscator on the
> > remaining Python source. What do you think ?
>
> I think that's feeble protection. If you have valuable code, and
> distribute it, people WILL crack it -- just check the warez sites for
> experimental proof... EVERYTHING that people are really interested in
> DOES get cracked, no matter what tricky machine-code the "protections"
> are coded in.
>
> There's ONE way to have uncrackable code -- don't distribute it, but
> rather put it up on the net on a well-secured machine under your
> control, available as (say) a webservice (subscription-only, pay per
> use, or whatever business model you want). You can distribute all the
> parts of your app that aren't worth protecting as a "fat client" app (in
> Python or whatever) and keep those which ARE worth protecting on the
> server that YOU control (and make sure it's very, VERY safe, of course);
> and you may write the precious parts in Python, too, no problem.
>
> This is (a minor) one of the many reasons that make webservices the way
> of the future (hey, even *MSFT* noticed that recently, it seems...).
> There are many other advantages, especially if you keep the clients
> thin. The only issue is, your apps will require network connectivity to
> execute... but these days, with airlines and train lines busy adding
> wi-fi, and towns busily blanketing themselves with free wi-fi, etc, etc,
> that's less and less likely to be a big problem...
>
>
> Alex

I think that is not workable because it is easy to say the the internet
is available everywhere.

It is not available in developing countries or in rural areas and so
these people who live/work there will never benefit from a webservice
type protection scheme, and what if the network in your area goes down?
bye bye app that I *really* need for tomorrow. Reliability is
important but so is protecting your code in an effective manner

I do believe that you are right about those that crack software for
kicks or money. If you look around at you local market place i'm sure
there are many 'discounted' commercial softwares/games sold. of course
the big software companies might say 'trusted computing will save us'
but I for one will never truly trust it.

Perhaps a comprehensive protection for interpreted languages can never
be built because of their high level nature?

.

Relevant Pages

  • Re: Python obfuscation
    ... > then provide the interface to those novel ideas to Python using swig. ... I think that's feeble protection. ... parts of your app that aren't worth protecting as a "fat client" app (in ... wi-fi, and towns busily blanketing themselves with free wi-fi, etc, etc, ...
    (comp.lang.python)
  • Re: hide python code !
    ... Compiling code to machine language isn't like locking your door. ... Compiling code doesn't prevent me from seeing your code or your algorithm, ... Would you argue that Python source code hides your ... 'imperfect protection' with 'pointless protection'. ...
    (comp.lang.python)
  • Re: Securing Software with License
    ... If your app is known at all or useful, it'll be on crack sites within minutes. ... I would call this more like an annoyance to crackers more than protection really. ... These typically implement a few different ways of doing licensing, like signed xml files or serial numbers. ... Of course this is by far the most complicated and time consuming option to protect your programs, but it's perhaps one of the most "secure" things you can do and that annoys those using illegal versions the most. ...
    (microsoft.public.dotnet.general)
  • Re: firewall securing outgoing traffic?
    ... >> Linux has IMHO no implicit protection from that behaviour? ... if an open-source app calls home ... administration nightmare -- too many groups, too many SGID binaries. ...
    (comp.os.linux.security)
  • Re: Encrypt or hide the config in ini file
    ... The fact that the typical user of your software is "simple" doesn't imply that you don't need protection from professional crackers. ... The value of the data stored by the server is negligleble. ... If they deliberately screw up the database, it is also they who will pay you for cleaning up the mess. ... 3.- App connect with the server ...
    (borland.public.delphi.thirdpartytools.general)