Is it possible to take a kivy md app I have and distribute it on a raspberry pi
Dean-O Rochester
Elliot Garbus
Yes it is possible to have code that runs on MacOS ported to Raspberry Pi.
Protecting the source code is more of a challenge.
When you build an executable with Pyinstaller, Python, your .pyc files, and the other code required to run your app are bundled together. The .pyc files are not the source code so they may be effective in keeping honest people honest, but there are a number of tools for “decompliling” pyc files back to .py files.
You could also create some additional friction for someone trying to copy your code by obfuscating your code. This would jumble the variables names making the code more difficult to understand and maintain. See: pyminifier, http://liftoff.github.io/pyminifier/obfuscate.html
What are your objectives for protecting the source code? Who are you protecting the source code from?
There might be other approaches that could work.
--
You received this message because you are subscribed to the Google Groups "Kivy users support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kivy-users+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kivy-users/b6cfd2a5-8dfb-4e0d-a475-649fe5bcd0d8n%40googlegroups.com.
Tomek CEDRO
> I have a kivy md app I created on my mac and would like to port it to a raspberry pi.
and system dependencies (like on mac) and it should work :-)
On my FreeBSD kivy app works even in bare terminal framebuffer with no
Xorg running (no input but that should be fixable) so it should be
also possible on Linux + rPI but I did not try that yet.. for display
only applications that would save some resources :-)
> second, how do I make it so the source code is protected?
on a desktop (only Android and iOS):
https://kivy.readthedocs.io/en/master/guide/packaging.html
If you compile everything that should be enough protection (still
possible to reverse engineer). Not sure if bundle is compiled or
packaged, did not go that path yet sorry.
--
CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
Dean-O Rochester
On Jan 5, 2023, at 5:18 PM, Elliot Garbus <elli...@cox.net> wrote:
You received this message because you are subscribed to a topic in the Google Groups "Kivy users support" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/kivy-users/1Hr9WtZ1GYc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to kivy-users+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kivy-users/63b74c9b.170a0220.b4641.40f8SMTPIN_ADDED_MISSING%40gmr-mx.google.com.
Elliot Garbus
This is a python problem. If you fix it for python you have solved it for kivy.
But more specifically – what is the threat? If you don’t want anyone to see your source code, obfuscating it is probably a sufficient barrier.
This will not prevent anyone from taking and running your code – but they will have a difficulty understanding it.
If you need to keep the code confidential, create a web app and run the code remotely. If you have a local app you can only keep honest people honest.
You could consider a software license that restricts the use of the app, this gives you a path to sue the user if they have take an unauthorize action.
You could require the user to sign in to use the app.
Any solution, in any language, can be cracked depending on the level of enthusiasm and skill of the hacker.
Can you be more specific about what you are creating, and the threat?
To view this discussion on the web visit https://groups.google.com/d/msgid/kivy-users/0E079350-59E8-4B2F-A52B-5AB4ABBC4D1D%40gmail.com.
Dean-O Rochester
Robert
To repeat what Elloit said in a different way:
- compile the code, perhaps write in Cython, however your client will be machine specific, and disassemblers exist so with enough effort...
- obscure the source code with some name scrambler, just make it painful for them.
Tomek CEDRO
> I see with a directory permissions rxx I can protect my application.
You need to have read permission to a file in order to read its
content, and execute permission so interpreter can "launch" it as
program. So anyone that can run your program also must be able to read
the file that contains the program.
Filesystem permissions are no protection of the source code, because
someone can read the file content anyways, or find a way to obtain the
file content the other way even if he/she is not supposed to read them
(i.e. filesystem dump, privileged process takeover, etc).
> I want to make sure someone doesn't have access to my source code other than to execute it. Normal protection of an application. Protecting intellectual property.
you may want to go beyond the python bundle and compile everything
into a binary form, then link it into a single file binary application
(I think build for Android works that way more or less). This way
someone would have to decompile not only a *.pyc bytecode but whole
binary application that was obfuscated before. Not sure if there is a
out-of-the-box way to do that in Kivy.
But here too, if CPU can run the code, then someone can also trace all
machine code instructions and revert them back to assembly language or
even higher level source code (so called decompilation). People can
reverse-engineer bootloaders, device drivers, even whole firmwares
that way.
If you want to go further you can also encrypt your binary application
code. Question is how you want to decrypt it then in order to make it
run. If you use local filesystem for key storage then someone can
simply copy it and manually decrypt the application. If you want to
store key in hardware component, then someone can sniff out the
traffic from the electrical wires between TPM and CPU in order to
obtain the key. Even if someone is not able to obtain the key in any
way, then you may ask how the code runs when it is already decrypted?
Well it is loaded into RAM memory so CPU can execute it. Then you can
use hardware debug probe to halt the device and dump its memory in
order to obtain your applicarion's machine code along with all
variables values at that moment.
You may then wonder hey there was DRM invented for protecting
intellectual property. Go ahead and have fun :-)
As Elliot suggested, you need to know all of those details in order to
know what you really want to protect and from who, what is the cost of
loosing sensitive data, how determined are people to really want to
get your code, what will you do when the source code is revealed, etc
etc. There may be teams of people in a company that may create a
protection for a single application, at the same time there are teams
of people that would find fun in breaking that protection.
You may put the "sensitive" part on a remote server as the backend
code, then only serve requests and responses over encrypted rest api.
That way "frontend client" application is "dumb", it only asks the
questions and gets the answers, knows nothing on how data is processed
(i.e. can order some food, pay for the food, but does not know how to
cook on its own). But you need internet connection to work that way
(it may not work in forest, mountains, or Antarctica). Also the server
that runs the secret code is yet another computer somewhere out there
with a set of files you know :-)
More you know the details less "Normal protection of an application" is :-)
And the last question: have you considered Open-Source ? :-)
https://en.wikipedia.org/wiki/Computer_security
https://en.wikipedia.org/wiki/Copy_protection
https://en.wikipedia.org/wiki/Digital_rights_management
Have fun :-)