Python obfuscation
Yu-Xi Lim
yuxi at ece.gatech.edu
Sat Nov 12 03:30:07 EST 2005
Alex Martelli wrote:
> There is no effective manner of protecting your code, except running it
> only on well-secured machines you control yourself. If you distribute
> your code, in ANY form, and it's at all interesting to people with no
> interest in respecting the law, then, it WILL be cracked (and if users
> choose to respect the law, then you need no "protecting").
Indeed. An this extends to web services too. If you have input which can
be observed (or even better, controlled) and output that can be observed
too, one would be able to infer the workings of the code (reverse
engineering in one of its purest forms).
If your business strategy relies heavily on a proprietary algorithm or
even something as weak as lock-in via a proprietary "un-interoperable"
data format, then web services is not the final answer. It may work for
certain applications (Microsoft's for example) where the cost of reverse
engineering is equivalent to the cost of building from scratch.
More information about the Python-list
mailing list