obviscating python code for distribution
Chris Angelico
rosuav at gmail.com
Wed May 18 13:52:16 EDT 2011
On Thu, May 19, 2011 at 3:31 AM, John Bokma <john at castleamber.com> wrote:
>> Agreed. Things can be secure if you accept caveats. A good server
>> might be secure as long as attackers cannot, say:
>> * Get physical access to the server, remove the hard disk, and tamper with it
>> * Hold a gun to the developer and say "Log me in as root or you die"
>> * Trigger a burst of cosmic rays that toggle some bits in memory
>
> You forgot the most important one:
>
> * if none of the software running on it has exploitable issues
That's not a caveat. That's a purposeful and deliberate goal. And far
from impossible.
> Personally, I think it's best to understand that no server is ever
> secure and hence one must always be prepared that a breach can happen.
You need to balance the risk of a breach against the effort it'd take
to prevent. See my comments re DOS attacks; it's not generally worth
being preemptive with those, unless you're at a way higher transaction
level than this discussion is about (for those who came in late, it's
a basic network game, and not Google Docs or the DNS root servers or
something). If it's going to impose 500ms latency on all packets just
to prevent the one chance in 1E50 that you get some particular attack,
then it's really not worthwhile. However, it IS possible to ensure
that the server doesn't, for instance, trust the client; those
extremely basic protections are well worth the effort (even if it
seems like a lot of effort).
Chris Angelico
More information about the Python-list
mailing list