Python obfuscation
petantik
petantik.fool at gmail.com
Fri Nov 11 11:11:32 EST 2005
Ben Sizer wrote:
> Mike Meyer wrote:
> > There are ways to distribute
> > Python modules so that the user can't just open them in a text
> > editor. There are also ways to get cryptographic security for
> > distributed modules.
>
> I know distributing as bytecode helps, but I was under the impression
> that the disassembers worked pretty well. With the dynamic nature of
> the language I expect that all the variable names are largely left
> intact. You win some, you lose some, I guess.
>
> As for cryptographic security, could you provide a link or reference
> for this? I am quite interested for obvious reasons. I'd be concerned
> that there's a weak link in there at the decoding stage, however.
>
> I have considered distributing my program as open source but with
> encrypted data. Unfortunately anyone can just read the source to
> determine the decryption method and password. Maybe I could put that
> into an extension module, but that just moves the weak link along the
> chain.
>
> > Yes, if you use the same methods you use in C++,
> > it's "much harder". But by the same token, if you tried to use the
> > methods you'd use in a Python program in C++, you'd find that the C++
> > version was "much harder".
>
> Well, I'm not sure what you mean here. A compiled C++ program is much
> harder to extract information from than a compiled Python program.
> That's without applying any special 'methods' on top of the normal
> distribution process.
>
> > Of course, as Alex pointed out, all of these are just keeping honest
> > people honest. The crooks have all the advantages in this game, so you
> > really can't expect to win.
>
> No, certainly not. But if you can mitigate your losses easily enough -
> without infringing upon anyone else's rights, I must add - then why not
> do so.
>
> --
> Ben Sizer.
The economics of software distribution must certainly come into it,
doing a cost/benefit analysis of whether it's worth the effort to
protect your code from would be crackers.
The problem with code protection methodology in general is that once
its cracked everyone has access to code for, maybe, all software using
the particular protection scheme.
the argument that most people buy software rather than get a pirated
version depends on the country that they are in e.g. china's piracy
problem where shops sell pirated software with no retribution by the
state - remember china is about to be the worlds largest economic
superpower
The above problem illustrate why code needs to be protected in an
effective way, by law and code protection schemes
With python there is no comfort factor in knowing that your code is
being protected, well not than I can see, compared with protection
schemes for compiled code which are used by many commercial software
companies.
Of course, we know that there can never be a 100% way to protect code
that some pirate won't overcome but it still stops the casual user or
beginner 'crackers' from stealing the code and digging in to your
profit margin.
btw i'm no expert on copy protection mechanism but the question I
raised originally, i believe, is valid and should be discussed
http://petantik.blogsome.com - A Lucid Look at Reality
More information about the Python-list
mailing list