Source code

[Alex Martelli]

Martin v. Loewis wrote:

> Gerhard Häring <gerhard.haering at gmx.de> writes:
> 
>> You should perhaps reconsider if and why you need to hide your source
>> code.
> 
> You should also recognize that, if your computer can execute and
> perform a certain algorithm, users can always observe simulate the
> computer operations, thus breaking any protection scheme.
> 
> You'll have to give your customers a sealed computer and no permission
> to install additional software, or communicate with the internet, if
> you want to reliably prevent them from analysing your program.

Incidentally, the latter option can be feasible in certain situations: some 
key parts of your program's functionality might reside on a computer you
control, accessible to the rest of the application (installed more 
traditionally on users-controlled computers) only as a black box via the 
net.  XML-RPC, SOAP, and other distributed-computing approaches
such as Corba, make implementing this particularly easy these days.

Feasibility depends on how troublesome it is to demand that the
users' computers be net-connected whenever the application may
run, and how time-critical is the round-trip time whenever the
code that runs on the users' computers must delegate some part
of an operation to code running on the computer you control.  In
some application areas these feasibility issues may be killers, in
others they're no trouble at all.  When the latter conditions prevail,
this approach does yield something like a protection scheme that
you can, at least in theory, make "unbreakable" (by satisfying other
conditions, such as statefulness and other ways to make the part
running under your control arbitrarily hard to reverse-engineer).


Alex