In article <E1PApyu-0005R1-BB@davesource.com>, David Ljung Madison
<dave@davesource.com> wrote:
> First of all, thank you for all the work for creating the perlfaq, it's
> a great resource.
>
> However, in perlfaq3 there is this question:
>
> "How can I hide the source for my Perl program?"
>
> The answer is very one-sided. Further discussion is up at perlmonks:
>
> http://www.perlmonks.org/?node_id=867535
>
> Regardless of whether a plug for my specific free (cost) solution
> is added, I think it would be worth mentioning that there *are*
> tools for accomplishing this with various costs and tradeoffs.
I think the perlfaq3 answer already says that there are tools and that
they have trade-offs. I don't see this as one-sided. It's not denying
the existence of other tools.
You write on http://marginalhacks.com/Hacks/perlc/ :
---
These answers are mostly true, and also a big copout. Ignoring the
practicality of hiding the code in most situations just because someone
can get the code is like deciding to not lock your house anymore, just
because locks can be picked.
---
The analogy misses the point.
If I lock my house and someone picks the lock, that one person (or
crew) has access to my house. The risk to that one person is immediate
death if they choose poorly. When my house is compromised, I can fix it
to once again restrict access to everyone. And, picking my lock only
gives someone access to my house, not all houses.
When someone hacks your encoding of your script, the entire internet
now has it. Indeed, one of the biggest problems is that only one person
has to do the work to make it available for everyone. The risk to that
one person is insignificant. That's one of the reasons that software
piracy is such a problem: for most people it's virtually no work at
all, and you can't reverse that. It doesn't matter that there are
potentially few people who can accomplish this because it only takes
one person.
Not only that, when someone compromises your tool, it not only affects
the thing that you're trying hide, but all the things that everyone is
trying to hide with your tool. People like to publish their exploits,
after all (there is even one in Mastering Perl).
So, the history of software anti-piracy has been an arms race. Anything
you do is obsolete shortly.
<dave@davesource.com> wrote:
> First of all, thank you for all the work for creating the perlfaq, it's
> a great resource.
>
> However, in perlfaq3 there is this question:
>
> "How can I hide the source for my Perl program?"
>
> The answer is very one-sided. Further discussion is up at perlmonks:
>
> http://www.perlmonks.org/?node_id=867535
>
> Regardless of whether a plug for my specific free (cost) solution
> is added, I think it would be worth mentioning that there *are*
> tools for accomplishing this with various costs and tradeoffs.
I think the perlfaq3 answer already says that there are tools and that
they have trade-offs. I don't see this as one-sided. It's not denying
the existence of other tools.
You write on http://marginalhacks.com/Hacks/perlc/ :
---
These answers are mostly true, and also a big copout. Ignoring the
practicality of hiding the code in most situations just because someone
can get the code is like deciding to not lock your house anymore, just
because locks can be picked.
---
The analogy misses the point.
If I lock my house and someone picks the lock, that one person (or
crew) has access to my house. The risk to that one person is immediate
death if they choose poorly. When my house is compromised, I can fix it
to once again restrict access to everyone. And, picking my lock only
gives someone access to my house, not all houses.
When someone hacks your encoding of your script, the entire internet
now has it. Indeed, one of the biggest problems is that only one person
has to do the work to make it available for everyone. The risk to that
one person is insignificant. That's one of the reasons that software
piracy is such a problem: for most people it's virtually no work at
all, and you can't reverse that. It doesn't matter that there are
potentially few people who can accomplish this because it only takes
one person.
Not only that, when someone compromises your tool, it not only affects
the thing that you're trying hide, but all the things that everyone is
trying to hide with your tool. People like to publish their exploits,
after all (there is even one in Mastering Perl).
So, the history of software anti-piracy has been an arms race. Anything
you do is obsolete shortly.