Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
On Wednesday 22 October 2003 21:38, Bas wrote: Is it free? For details, check us out at http://www.secureCents.com -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* The fundamental principle of science, the definition almost, is this: the sole test of the validity of any idea is experiment. -- Richard P. Feynman */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
Hi Jason, Did I say something wrong? A bit puzzled as you just copied what I wrote to the other guy and reposted Cheers, -JB On Wednesday 22 October 2003 21:38, Bas wrote: Is it free? For details, check us out at http://www.secureCents.com -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* The fundamental principle of science, the definition almost, is this: the sole test of the validity of any idea is experiment. -- Richard P. Feynman */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
I think he just answered the other guy's question with your answer to another one ;-). btw. http://www.securecents.com/secureCode_features.php only returns a 404. thomas On Wed, 22 Oct 2003 23:20:13 +0200 [EMAIL PROTECTED] (John Black) wrote: Hi Jason, Did I say something wrong? A bit puzzled as you just copied what I wrote to the other guy and reposted Cheers, -JB On Wednesday 22 October 2003 21:38, Bas wrote: Is it free? For details, check us out at http://www.secureCents.com -- Jason Wong - Gremlins Associates - www.gremlins.biz Open Source Software Systems Integrators * Web Design Hosting * Internet Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general -- /* The fundamental principle of science, the definition almost, is this: the sole test of the validity of any idea is experiment. -- Richard P. Feynman */ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
Hey, I think he just answered the other guy's question with your answer to another one ;-). Oh, ok. btw. http://www.securecents.com/secureCode_features.php only returns a 404. DAMN! we changed the name from SecureCode to CodeSecure and I guess forgot to make the change on the site :-( anyway, now we have a duplicate page so it shouldnt cause a bother no more... Thanks for pointing that out. -JB -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
Hey again David, % Hey, that's a nice offer. % Thanks, we aim to please :-) this offer is open to _anybody_ on the list, % but please send us one file at time to example encode and not more. Oops. Sorry. I figured you'd need both to have them work together. Perhaps not; perhaps only the core engine need be encoded but anything else could be plaintext. That would be nice, too. Not a problem, I really didn't mind but was just safeguarding myself from extra work...:-) like if someone sent me 200 files :-D I wouldn't be able to refuse as I didn't specify the number before BTW, this is probably off-list traffic but if I'm asking common questions feel free to put it back on the list. Thanks, will cc this to the list. % I've obvuscated them and attached them with this mail, but dont overwrite % your present files because I have not included the key file to open them. % If you run them now you would get garbage output...if any. Indeed. So how does the key look and what do I do to my code to make my server show the pages? We sell our software with 2 keys, one key looks something like this oÜ??X? (this changes according to the password you set when you are encoding) and the other key is just a normal php script (encoded of course) To make your scripts work all you gotto do is add these two files to the rest of your files No making any code changes, no settings changes etc. Works with everything including variable variables($$someThing) OK. So I just bought index.php from someone and now I want to get it to work and I have sent him payment. Next the key file comes winging its way to me from him(you) and then... What do I do? How do I make the site look at it and/or my page to give the end result? Just upload the key file/s with the other files. Its pretty simple, if you want to set a password for your files or want them to expire after a certain number of days/months/years then you generate your .key file, if not you have to just add 1 file codeSecure.php and it will be safe to distribute in a encrypted state. We have also worked out a way of double encryption, so even if someone breaks thru the first layer they will come up against another layer or extremly hard to read stuff. Cheers, -JB -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
John, et al -- ...and then John Black said... % % Hey again David, Hi! % % Oops. Sorry. I figured you'd need both to have them work together. ... % % Not a problem, I really didn't mind but was just safeguarding myself from % extra work...:-) like if someone sent me 200 files :-D % I wouldn't be able to refuse as I didn't specify the number before There; now you're covered :-) % % BTW, this is probably off-list traffic but if I'm asking common questions % feel free to put it back on the list. % Thanks, will cc this to the list. Okey dokey. % % % % I've obvuscated them and attached them with this mail, but dont overwrite % % your present files because I have not included the key file to open % them. % % If you run them now you would get garbage output...if any. % % Indeed. So how does the key look and what do I do to my code to make my % server show the pages? % % We sell our software with 2 keys, one key looks something like this oÜ??X? % % (this changes according to the password you set when you are encoding) Right. % and the other key is just a normal php script (encoded of course) You mean obfuscated and garbled? OK, but I don't see how the thing will run, then, any more than my garbled scripts! % To make your scripts work all you gotto do is add these two files to the % rest of your files % No making any code changes, % no settings changes etc. % Works with everything including variable variables($$someThing) That's quite cool. So I sent you index.php and you sent me back garbage and I'm supposed to be able to drop this in place along with a key file and have it work... But how can that garbage possibly be used in its encrypted form?? % ... % We have also worked out a way of double encryption, so even if someone % breaks thru the first layer they will come up against another layer or % extremly hard to read stuff. This of course begs the question of why you aren't using that as your standard for the first layer :-) [Perhaps because of execution time or perhaps because of the extra revenue or whatever, but it still begs!] % % Cheers, % -JB TIA HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
Hey David, % We sell our software with 2 keys, one key looks something like this oÜ??X? % % (this changes according to the password you set when you are encoding) Right. % and the other key is just a normal php script (encoded of course) You mean obfuscated and garbled? OK, but I don't see how the thing will run, then, any more than my garbled scripts! My momma always told me 2 wrongs don't make a right, I think otherwise :-) what I'm trying to say is, since both are garbled they understand the garble language and sort things out % Works with everything including variable variables($$someThing) That's quite cool. So I sent you index.php and you sent me back garbage and I'm supposed to be able to drop this in place along with a key file and have it work... Your garbled scripts talk to the key garbled script (key file) and they ungarble themselves during runtime for php to understand them. But how can that garbage possibly be used in its encrypted form?? That's the whole idea why this is useful and we are trying to sell it. It makes the casual programmer/client or snoop not bother with trying to read/steal/poke your code. % We have also worked out a way of double encryption, so even if someone % breaks thru the first layer they will come up against another layer or % extremly hard to read stuff. This of course begs the question of why you aren't using that as your standard for the first layer :-) [Perhaps because of execution time or perhaps because of the extra revenue or whatever, but it still begs!] Very good question, the answer is pretty simple actually, we couldn't mesh this into one, we just aren't clever enough to do it :-) and had too many problems when we tried. We prefer the 2 step idea, so we have created another online tool based on an open source technology that you use to do your first layer of encryption then use codesecure for your second. When you buy codeSecure you automatically get a *free* membership to the online tool. I'm attaching a screenshot of codeSecure so you can have a look at the simple interface and it should clear a few doubts. Cheers, -JB -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
John, et al -- 1) No screen shot (tee hee). 2) I'm going to just have to accept that the garbage will run just fine since I'm not getting my head around it and you haven't offerred a key. Maybe it's like obnoxious hex codes for IPs in spam emails and it really is runnable directly by the web server; that's a different story. 3) Thanks again for the time and the info. HAND :-D -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, Science and Health http://justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! pgp0.pgp Description: PGP signature
Re: [PHP] Re: (ANNOUNCE) codeSECURE 1.0 released - - Protecting PHP code
Hey David, Hey, that's a nice offer. Thanks, we aim to please :-) this offer is open to _anybody_ on the list, but please send us one file at at time to example encode and not more. work in progress (see it at http://hd-vzw.com/internal/ I got a basic authentication box pop up at me...!!?? Attached are the core engine (index.php) and an included file (mission.inc). Feel free to not obfuscate them if you like :-) but please drop me a note either way. I've obvuscated them and attached them with this mail, but dont overwrite your present files because I have not included the key file to open them. If you run them now you would get garbage output...if any. I'll take this opportunity to throw my sales pitch at you :-D as this is a perfect example of our little program, right now in its present encrypted form its totally useless to you... exactly like if a customer bought software from you, after you confirm payment... you could then email the key file and BANG! everything works! Cheers, -JB -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php