Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

Code Security

 [1/5] from: vkmodgil::yahoo::com at: 2-Sep-2000 18:16


Hi, New to scripting languages as a major tool, here. So my question is what are the general views about the security and protection (against copying) of code in Rebol. How do you make money with something which is seen in source form so easily? I guess its OK with CGI scripts where its all happening at your end and may be combining with a lot of other technology, but applications like data mining look so much more vulnerable??? Vivek

 [2/5] from: norsepower:uswest at: 2-Sep-2000 21:14


Although it is not "secure," I have thought about a way to make it difficult, at least, for others to understand your code. Using a text editor, use search and replace to change the 'words so that they are hard to understand when you read them. For example, change... news-server: input open-server: reform [rejoin ["np: open news://" news-server]] do open-server to... Xz8hUjKLmhT89||hg~: input Yn876asdfGXzeyg|adlfj: reform [rejoin ["POxj724xcUYxq|x|y|q7: open news://" Xz8hUjKLmhT89||hg~]] do Yn876asdfGXzeyg|adlfj Of course, keep a copy of the "readable" code for yourself, but distribute the gobbledygook to everyone else. Hey, maybe someone could write up a code-replacement script for this? Then run the script on the script itself. Hmm... -Ryan

 [3/5] from: norsepower:uswest at: 3-Sep-2000 18:23


More thoughts... 1. Remove all line feeds from the code so that the script is one long line. 2. Create a user.r file that renames all native 'words to gobbledygook. 3. Run a REBOL program against your script which replaces all native 'words with the substitutions from the user.r file. 4. Run a REBOL program against your script which replaces all the rest of the 'words with gobbledygook. Now you should have one long line of code that looks more like a base64 file attachment than a script, but it will run just fine. I'm sure there are more steps one could take to make it at least difficult for others to want to steal your code. -Ryan

 [4/5] from: vkmodgil:yaho:o at: 4-Sep-2000 0:48


Thanks for your suggestions Ryan. I think these will be good deterrants. Vivek --- [norsepower--uswest--net] wrote:

 [5/5] from: rchristiansen:pop:isdfa:sei-it at: 6-Sep-2000 16:43


I can't stop thinking about this and so I have more to say. Perhaps instead of replacing words with long "session ID-like" words (e.g. Xs87Yt5hU43hxx ) you could simply replace them with short words (e.g. 'a 'b 'c etc.) Do this with the native words as well. Then you will have an optimized script, but still difficult to read.