On Wed, 2010-05-26 at 05:40 +1000, Lie Ryan wrote: > On 05/26/10 01:09, Adam Tauno Williams wrote: > > On Tue, 2010-05-25 at 18:49 +0500, Sandy Ydnas wrote: > >> Agree, reveres engineering is crucial issuer for programming > >> language > >> but every executable file can be cracked, for example by using > >> disassembler!!! > >> For each weapon there is antiweapon, so > >> is it possible to prevent reveres engineering when customer have > >> access to executable made from Python code??? > > No. But you can make it hard. > > Store a GPG encrypted blob in your program that contains you secret > > sauce, is decrypted to memory, executed, and then discarded. Setup > > some kind of license manager like dongle or application to perform the > > key management. > That merely gives a false sense of security.
There is no "true" sense of security. There is only degrees of obfuscation, hence the first sentence: "No. But you can make it hard" > If the program is decrypted > in memory, you can easily make a memory dump Easily? Really? You vastly over estimate the majority of computer users. If someone who knows how to read the memory of a running process wants your secret sauce - they are going to get it. > to get the unencrypted > program. If I am a competitor that can make economic advantage by > cracking your secret sauce, it wouldn't be difficult for me to do that. True. That is pretty much always true. The only effective solution is to have your app call a web service [or some kind of RPC] to a server where you keep the secret sauce hidden away. -- http://mail.python.org/mailman/listinfo/python-list
