> For me it would be nice to release an app to the public > that is completely encrypted and I don't have to worry > about the decrypting it.
Well, that's probably not going to happen. Once you give those zeros and ones to someone else, they will most likely be able to get to the internal logic, given enough time and effort. There are decompilers and debuggers available that expose this kind of stuff, which is why there are obfuscation tools, but like with any arms race, the advantage generally goes to the aggressor. So, all you can do is hope to make it more difficult. Admittedly, decrypting CFML code is far easier than reading obfuscated Java classes. Unfortunately, I don't see an easy way around this, other than limiting the functionality that you put in your CFML code. Fortunately, this is easier and more practical with CF MX than with previous versions; you can simply abstract out your significant logic and put that into Java classes, and invoke those classes from your CFML pages. When you compile those classes, you can use an obfuscation tool to make it more difficult for decompilers to make any sense of the source code. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ______________________________________________________________________ Signup for the Fusion Authority news alert and keep up with the latest news in ColdFusion and related topics. http://www.fusionauthority.com/signup.cfm FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
