Python obfuscation

Steven D'Aprano steve at REMOVETHIScyber.com.au
Wed Nov 16 17:24:14 EST 2005 

On Wed, 16 Nov 2005 13:25:50 -0800, The Eternal Squire wrote:

> The teaching of legality and ethics of incorporating
> other peoples' works into one's own should begin at 6th grade and be
> repeated every year until the message is driven home.

I think you have that completely backwards.

Sixth graders have an intuitive understanding of the economics and
morality of using "things" that adults these days rarely have.

Material things, objects, are scarce resources and cannot be taken with
impunity. If I take your black crayon, then you have one less black crayon.

Non-material things, ideas, are not scarce resources. If I take your idea
of writing programs in a high-level language like Python instead of using
machine code, you still have the idea and we are both better off.



> The concept of intellectual property (patent, copyright, trade secret)
> is an extension into the business world of issues regarding the proper
> usage of ideas (e.g. scientific principles) as treated in high school
> and college.

Nonsense. Patents, copyrights and trade secrets are completely and utterly
opposed to proper scientific principles. Alchemists and magicians tried to
monopolise their knowledge. Scientists share. The proliferation of patents
in the medical industry is *hurting*, not helping, medical research:
scientists are reluctant to publish knowledge, or are prohibited by their
employer, and the cost of doing basic research is sky-rocketing due to the
need to pay licence fees.

This is especially obscene when one realises that in the US 80% of the
scientific research that gets patented by private companies is paid for by
tax payer dollars. Your taxes pay for the science which then gets given on
a silver platter to some private company who collects monopoly rents on
that knowledge for 20 years. It is a nice scam if you can get away with
it, and the pharmaceutical companies have got away with it.


>>Do developers, when writing code consider how protected their
>>code will be when considering what language they will write it in
>>i.e ease of use, speed of language, maintainability and
>>'obfuscatability' ?
> 
> Typically not due to a few well-known principles:  1) Essentially an
> optimized (not debug!) compilation from source code to machine language
> is nearly as good as encryption for hindering reverse engineering of
> the distributed code,  

That is utterly wrong. Reverse engineering of even optimized code is
relatively easy. That is one of the big myths that plague the IT industry:
"if I don't release the source code, nobody will be able to work out how
my code works". 

It just doesn't work that way. Just ask the people working on the WINE
project, who have a working, almost complete, bug-for-bug compatible
reverse-engineered Windows emulator, and they've done it in their spare
time.

Or ask the virus writers, who often find bugs and buffer over-flows and
other security holes in software before the guys with the source code find
them.

Reverse engineering object code is harder than reading source, but it is
still not a barrier to anyone serious about working out how your code
works.



[snip]
> The greatest theft of sales opportunities 

Listen to yourself. "The greatest theft of SALES OPPORTUNITIES". What is
that supposed to mean? Not theft of goods, not even theft of ideas, but
the theft of an opportunity to make a sale?

"I might have been able to sell to that person, but now I can't, it's YOUR
FAULT... I'm going to sue!!!"

The greatest "theft" of sales opportunities is COMPETITION, not copying.
If every food store and restaurant in the country shut down except
McDonalds, then they would have all the sales opportunities anyone would
ever want. Every store that competes with them is "stealing" the
opportunity to make a sale.

We've already seen this way of thinking. Listen to Jamie Kellner, chairman
and CEO of Turner Broadcasting System:

"Any time you skip a commercial you're actually stealing the programming."

Listen to the arrogance: "I guess there's a certain amount of tolerance
for going to the bathroom." We need a permission slip from the television
stations to go to the toilet? Heaven forbid we turn the machine off,
that's theft of sales opportunities.

Perhaps somebody should remind these folks, we're not the customer. We're
the product they are selling: they sell our eyeballs to advertisers, who
give them money for the opportunity to be seen by us. If we choose to
skip the commercials, that's just too bad for Jamie Kellner's business
model.



> Ourselves
> and our children are lost generations with respect to ethics, manners,
> and respect for authority, perhaps we can train our grandchildren to
> behave more proprely.

There is too much respect for so-called "authority", not too little.
Respect for authority is just another way of saying "Don't think for
yourself, do as you're told."


-- 
Steven.

More information about the Python-list mailing list