I have a concern in developing commercial code with Python. Someone told me that its program can be easily hacked to get its source code. Is it really the case? Any way to protect your source code?
> I have a concern in developing commercial code with Python. Someone told me that its program can be easily hacked to get its source code. Is it really the case? Any way to protect your source code?
> Thanks a lot!
> Jayden
This question has been asked on numerous occasions so if you search the archives you're sure to get loads of answers.
>> I have a concern in developing commercial code with Python. Someone
>> told me that its program can be easily hacked to get its source code.
>> Is it really the case? Any way to protect your source code?
>> Thanks a lot!
>> Jayden
> This question has been asked on numerous occasions so if you search the
> archives you're sure to get loads of answers.
kl. 13:57:14 UTC+2 fredag 28. september 2012 skrev Jayden følgende:
> Dear All, I have a concern in developing commercial code with Python. Someone told me that its program can be easily hacked to get its source code. Is it really the case? Any way to protect your source code? Thanks a lot! Jayden
Python bytecode is not easier to hack than Java or .NET bytecodes. You don't have to distribute your source code. Dropbox and BitTorrent are written in Python. I don't think "hacking the source" is a major problem. You also have the option of compiling parts of the source code to native C DLLs using Cython. If you are very paranoid about protecting your sources, perhaps you shouldn't distribute it at all, but provide a web application?
On Fri, Sep 28, 2012 at 10:18 AM, <stu...@molden.no> wrote:
> Python bytecode is not easier to hack than Java or .NET bytecodes.
This is true, but both java and .net are also relatively easy to decompile.
In general though, why does it matter? What are you trying to protect
yourself against? If you're including secrets in your code like
encryption keys or bank account numbers, there's no way to keep them
out of the hands of a determined attacker that has access to your
file, no matter what language it may be written in.
If you must keep anyone from ever seeing how your code works, the only
way to do that is to keep all the sensitive bits running on a machine
that you control. Typically, you would do that by distributing a
client portion of your application, and also running a web service.
Then you can have your client connect to the web service, request that
the sensitive calculations, or money transfer, or whatever, be done on
the server, and just pass back the results.
kl. 16:38:10 UTC+2 fredag 28. september 2012 skrev Jerry Hill følgende:
> This is true, but both java and .net are also relatively easy to decompile.
Neither of them are very "obfuscated".
> In general though, why does it matter?
Paranoia among managers?
> What are you trying to protect yourself against?
Embarassment?
Patent trolls?
Unauthorized access to priviledged features?
Industrial espionage?
> If you must keep anyone from ever seeing how your code works, the only way to do that is to keep all the sensitive bits running on a machine that you control.
kl. 16:38:10 UTC+2 fredag 28. september 2012 skrev Jerry Hill følgende:
> This is true, but both java and .net are also relatively easy to decompile.
Neither of them are very "obfuscated".
> In general though, why does it matter?
Paranoia among managers?
> What are you trying to protect yourself against?
Embarassment?
Patent trolls?
Unauthorized access to priviledged features?
Industrial espionage?
> If you must keep anyone from ever seeing how your code works, the only way to do that is to keep all the sensitive bits running on a machine that you control.
> kl. 16:38:10 UTC+2 fredag 28. september 2012 skrev Jerry Hill følgende:
>> This is true, but both java and .net are also relatively easy to decompile.
> Neither of them are very "obfuscated".
>> In general though, why does it matter?
> Paranoia among managers?
>> What are you trying to protect yourself against?
Embarassment?
Patent trolls?
Unauthorized access to priviledged features?
Industrial espionage?
Sounds like a web solution is the best way. Use a thin client and run your NSA-level code on a server. It's worth pointing out though that even c/c++ isn't free. If someone wants to decompile or disassemble your code bad enough, it's going to happen.
>> If you must keep anyone from ever seeing how your code works, the only way to do that is to keep all the sensitive bits running on a machine that you control.
> Indeed :)
> Sturla
-- Take care,
Ty
http://tds-solutions.net The aspen project: a barebones light-weight mud engine:
http://code.google.com/p/aspenmud He that will not reason is a bigot; he that cannot reason is a fool; he that dares not reason is a slave.
> I have a concern in developing commercial code with Python. Someone told me that its program can be easily hacked to get its source code. Is it really the case? Any way to protect your source code?
> Thanks a lot!
> Jayden
Nowadays high priced commercial IDE software products shipped with a built in interpreter with some GUI to let users customize their own
needs in designs. This also means examples in source codes to be provided, too.
Anyway even compiled instructions can be iced and reverse engineered
for all the flows of the software.
