How can you do this with CFMX? And will this speed up applications? Robert Everland III Web Developer Extraordinaire Dixon Ticonderoga Company http://www.dixonusa.com
-----Original Message----- From: Dave Watts [mailto:[EMAIL PROTECTED]] Sent: Friday, June 21, 2002 12:04 PM To: CF-Talk Subject: RE: CFEncrypt Utility > For me it would be nice to release an app to the public > that is completely encrypted and I don't have to worry > about the decrypting it. Well, that's probably not going to happen. Once you give those zeros and ones to someone else, they will most likely be able to get to the internal logic, given enough time and effort. There are decompilers and debuggers available that expose this kind of stuff, which is why there are obfuscation tools, but like with any arms race, the advantage generally goes to the aggressor. So, all you can do is hope to make it more difficult. Admittedly, decrypting CFML code is far easier than reading obfuscated Java classes. Unfortunately, I don't see an easy way around this, other than limiting the functionality that you put in your CFML code. Fortunately, this is easier and more practical with CF MX than with previous versions; you can simply abstract out your significant logic and put that into Java classes, and invoke those classes from your CFML pages. When you compile those classes, you can use an obfuscation tool to make it more difficult for decompilers to make any sense of the source code. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ______________________________________________________________________ This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
