On Apr 23, 2004, at 10:53 PM, [EMAIL PROTECTED] wrote:
sez [EMAIL PROTECTED]:If I was going to create Revolution code that I wanted to give toI don't think what you're asking for is possible. If you don't want to go
others but that I wanted to make sure that they could not change in the
Revolution Editor, how would I protect it? I'd want people to be able
to call it and compile it into their standalone apps. My preference is
to not use an XCMD kind of thing because I'd like to write once, lock,
and then allow people to deploy everywhere.
the XCMD route, your code *will* be plain vanilla ASCII at some point, and
anyone who wants to muck with said code will be able to do so at that point.
Perhaps if I knew what goal you're striving towards, I might be able to offer some
helpful advice: Are you trying to stop code thieves, or are you trying to
ensure that the user will always have a pristine copy of your code in case they
*do* screw it up horribly, or what?
We are going to have a Kagi Registration Module for RunRev and that module will basically be a mini-store that someone would embed into their RunRev application. When the customer decides to buy, the app would call the KRM, it would gather customer purchase data (including credit card info) bundle it up, send it securely to Kagi, Kagi processes it, generates a registration code, and sends that code back to the app, the app installs the code and the entire purchase cycle is complete.
Want to make sure that it is less than trivial for a malicious coder to take the KRM, and hook extra code into it that would send the credit card data to some other server that should not be receiving credit card data, embed the modified KRM into software that they are selling, and then use KRM to steal credit cards.
I realize that in the end, everything is modifiable if you really know your stuff and that less than trivial does not mean impossible. The goal is to make it difficult to make these kinds of mods. Ultimately the protection against this happening is that we will see the pattern and we will be able to call in police to arrest the software author who might do such a thing. I'd just like to make it difficult for someone to consider this avenue of crime. It would be a rather stupid crime given that only one person could commit it (the software author) and the proof would be easy to establish (their software, their server).
The reason for regular runrev code versus an XCMD is that we would like to "write once run everywhere" by making this as standard as possible.
Thanks, Kee Nethery
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
