Instead of trying to villify the poster (because a few posters here who are
saying that securely boxing applications is useless appear to have little
understanding of how some companies operate, and the fact that even though
its theoretically possible to reverse engineer something, its
Distributing source code means clients can easily steal our solution and
stop paying licensing fees.
This has been a problem since the beginning of the software industry. The
only proven solution is to give enough support to make it worth their
paying for. Obfuscating and DRM never fully
You can research things such as BoxedApp http://boxedapp.com/. They're
quite expensive. They solve the problem.
--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to
The *private* key would be kept by you. You do have to give them the *
public* key in some sense, but it would be embedded within the custom built
node executable, probably somewhere within the call chain for require. The
encrypted javascript files could be required by this version of node
On Tue, Mar 6, 2012 at 4:32 AM, Ken ken.woodr...@gmail.com wrote:
The *private* key would be kept by you. You do have to give them the *
public* key in some sense, but it would be embedded within the custom
built node executable, probably somewhere within the call chain for
require.
The
On Mon, Mar 5, 2012 at 12:42 AM, Ken ken.woodr...@gmail.com wrote:
I realize this thread has largely devolved into a philosophical discussion
about whether one *should* do this, but I think the technical question of
how one *could* do this is still a valid one. I've thought about this a
On Mon, Mar 5, 2012 at 6:42 AM, Ken ken.woodr...@gmail.com wrote:
I realize this thread has largely devolved into a philosophical discussion
about whether one *should* do this, but I think the technical question of
how one *could* do this is still a valid one.
It is _not_ a philosophical
On 2/26/12 9:18 AM, manimal45 wrote:
I think original poster knows about business/contracts protection.
His question seems to me technical, and would be far from ideal to
consider the case closed.
The original poster probably does not know about copyright and
contracts, otherwise they would
And if your company is small and your clients are big, the balance of
power might be against you.
In my experience, large enterprises pirate the least. They have too much to
lose not to pay a little license fee, they pre-plan their expenditures far
in advance, and the money comes out of a
I don't know why he doesn't just create a few core components in a c library/module and use guilty or closure to obfuscate the rest... Or, look into an ASP (Application Service Provider) model.As to binary deployments... .net and java are both mentioned as more professional, and neither are stand
*add HTTP proxy support (I should check more before sending)
On Fri, Mar 2, 2012 at 8:29 AM, Tim Caswell t...@creationix.com wrote:
I don't have experience with hiding source code (I tend to put everything
I write on github out of habit), but I do know about keeping parts of code
secure and
One simple approach is to simply try to slow down the competition from
stealing your code. Minimizing your code with something like uglify, should
make it harder for someone to take code and continue to work with it (to
make enhancements and changes), at least it would slow them down.
Then
On Feb 24, 11:52 pm, Lalo Martins lalo.mart...@gmail.com wrote:
And please don't co-opt the word “secure” for it.
I'm a dev, not management. I understand the field internally and so
I'm trying to start discussions to securely distribute NodeJS apps.
Anyone wants to vote if C++ EXE's are harder
On Feb 26, 8:09 pm, mscdex msc...@gmail.com wrote:
It'd be neat to be able to have specific modules' (bundled in the node
executable) exported functions not show their source code
when .toString()'ed, kind of like how native C++ functions show
[native code] when .toString()'ed.
Exactly. I
To further expatiate, the reason behind using JavaScript source itself as
the storage is made clear on what little documentation exists for V8.
http://code.google.com/apis/v8/design.html
Essentially the code is compiled to machine code as it's run, upon demand,
based on system conditions and
On Feb 26, 7:18 pm, manimal45 moshir.mik...@gmail.com wrote:
It would be awesome if 'customers' could download node.js apps as
executable.
I've opened a new issue for this. Add your comments there!
https://github.com/joyent/node/issues/2835
--
Job Board: http://jobs.nodejs.org/
Posting
Hallo Jeremy,
as a dev you are in the right position to tell the management the
truth: Every effort spent in securing an application from theft is a
effort better spend on other areas while developing the software. They
really have to decide if it pays out to secure the software more and
more.
A software company has to offer more than just a binary.
--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups nodejs group.
To post to this group,
There is no such thing as a javascript binary. The code included with node
is stored in string format in the node executable.
No worries, what if the code was compiled via V8, and then stored as a
data file?
Whatever format it is in, if you could just load the same datafile you
would'nt need
On Mon, Feb 27, 2012 at 4:02 PM, Dean Landolt d...@deanlandolt.com wrote:
Whatever format it is in, if you could just load the same datafile you
would'nt need
the source code again.
Wrong.
In my opinion, this is not a Node problem to solve. Obfuscation/source
code
hiding is an
if you put your js libs in the lib directory of the node.js source and
run make, the libs will be included as natives in the compiled node
binary. you can then just require them without a path. e.g. if you
have a module named test.js in the lib dir, then just do the
following:
var test =
I have a similar requirement for a project, and came to the conclusion that
node core could be extended and recompiled to produce custom binaries
(someone with more knowledge can correct me if I am wrong here). With a
little bit of care, you should also get the benefit of all the
quoth Jeremy Rudd as of Thu, 23 Feb 2012 07:56:43 -0800:
*What:* Can NodeJS apps be distributed as binary? ie. you compile the
.js app via V8 into its native binary, and distribute the binary to our
clients? ... or is minifying the code all you can do?
*Why:* We build serverside
23 matches
Mail list logo