Re: [Python-ideas] I have an encrypted python module format: .pye
On Fri, May 11, 2012 at 6:27 PM, li wang <charlesw123456@gmail.com> wrote:
> I want to use Python in my product because I like and am familiar with Python for many years, but I won't let the customer read and modify my code. So the best way is to encrypt my module .py to .pye.

The scheme you describe only provides a false sense of security. That would be very bad. The only ways to protect your code are a) legally, which is the main one, and b) by not giving it to anyone (and making them access things by a remote interface). A very strong -1 from me. Do not provide wrong-headed, insecure features like this.

Mike
On Mon, May 14, 2012 at 10:35 AM, Mike Graham <mikegraham@gmail.com> wrote:
> On Fri, May 11, 2012 at 6:27 PM, li wang <charlesw123456@gmail.com> wrote:
>> I want to use Python in my product because I like and am familiar with Python for many years, but I won't let the customer read and modify my code. So the best way is to encrypt my module .py to .pye.

> The scheme you describe only provides a false sense of security. That would be very bad.
You seem to be assuming security by obscurity is worse than no security. I disagree (although I am not defending it as the sole form of security). Many security professionals are not happy unless multiple levels of security are in place, some of which can only be described as obscurity.
> The only ways to protect your code are a) legally, which is the main one,
If you look into legal ways of protecting physical property you'll find that having locks, fences etc. is often necessary for legal protection to apply. That's why so often you'll find "no trespassing" signs (in Holland these even have a specific reference to the law on them).
> and b) by not giving it to anyone (and making them access things by a remote interface).

> A very strong -1 from me. Do not provide wrong-headed, insecure features like this.
I am -1 on including any support for encrypting bytecode in the standard library, for the same reasons that we *removed* Bastion and rexec -- since it cannot be made perfect, we'd be forever open to criticism and possible liability if someone misunderstood the level of security provided. But I am defending the right of users to implement a level of obscurity that they are comfortable with. At the same time it is good to point out the limits of such schemes.

-- 
--Guido van Rossum (python.org/~guido)
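Mike's "false sense of security" objection and Guido's remark about the limits of such schemes, shown in working Python as an added example that is not part of this thread or of the proposed .pye format: a toy in-memory loader (the PyeFinder class, the KEY, the SHA-256 counter-mode keystream and the vendor module are all constructed for the example). The interpreter has to decrypt the module before it can run it, so the key ships with the loader; the customer decrypts the blob with the loader's own routine, and once the module is imported its functions' code objects are ordinary attributes that dis reads back without touching the ciphertext at all.

```python
"""Toy '.pye' loader and why it only obscures.

Everything here is constructed for illustration: the cipher, the KEY, the
sample vendor module and PyeFinder are hypothetical, not a real .pye format.
"""
import dis
import hashlib
import importlib
import importlib.abc
import importlib.util
import io
import sys

# Assumption: the key has to live inside the loader, because the interpreter
# must decrypt the module before it can execute it.
KEY = b"shipped-with-the-product"


def keystream(key: bytes, length: int) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode). Its strength is beside the
    point: whoever holds the loader holds KEY and can run this themselves."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_module(source: str, key: bytes = KEY) -> bytes:
    data = source.encode("utf-8")
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def decrypt_module(blob: bytes, key: bytes = KEY) -> str:
    plain = bytes(a ^ b for a, b in zip(blob, keystream(key, len(blob))))
    return plain.decode("utf-8")


# Constructed vendor module: the logic the vendor wants to hide.
SECRET_SOURCE = '''\
LICENSE_SALT = "c0ffee"

def check_license(key):
    """Accept any key whose SHA-1 hex digest ends with the salt."""
    import hashlib
    return hashlib.sha1(key.encode()).hexdigest().endswith(LICENSE_SALT)
'''


class PyeFinder(importlib.abc.MetaPathFinder, importlib.abc.Loader):
    """Serves encrypted modules from an in-memory dict (a real scheme would
    read *.pye files from disk; the dict keeps this example offline)."""

    def __init__(self, blobs):
        self.blobs = blobs

    def find_spec(self, fullname, path, target=None):
        if fullname in self.blobs:
            return importlib.util.spec_from_loader(fullname, self)
        return None

    def create_module(self, spec):
        return None  # use the default module object

    def exec_module(self, module):
        # Decrypted source and its code object sit in plain memory here.
        source = decrypt_module(self.blobs[module.__name__])
        code = compile(source, module.__name__ + ".pye", "exec")
        exec(code, module.__dict__)


def recover_source(finder, name):
    """The customer's side: same loader, same KEY, one call."""
    return decrypt_module(finder.blobs[name])


def recover_listing(module_name, func_name):
    """No decryption needed: after import the function's code object is an
    ordinary attribute, and dis prints the logic back."""
    buf = io.StringIO()
    dis.dis(getattr(sys.modules[module_name], func_name), file=buf)
    return buf.getvalue()


def demo():
    finder = PyeFinder({"vendor_secret": encrypt_module(SECRET_SOURCE)})
    sys.meta_path.insert(0, finder)
    try:
        mod = importlib.import_module("vendor_secret")
        salt = mod.LICENSE_SALT  # the module works normally for the product
        source = recover_source(finder, "vendor_secret")
        listing = recover_listing("vendor_secret", "check_license")
    finally:
        sys.meta_path.remove(finder)
        sys.modules.pop("vendor_secret", None)
    return salt, source, listing


if __name__ == "__main__":
    salt, source, listing = demo()
    print("constant read straight off the module:", salt)
    print(source)
    print(listing)
```

Replacing the toy keystream with AES changes nothing about the outcome: the key still travels with the interpreter that needs it, and the decrypted code object still has to exist in memory to run. Shipping only .pyc files differs in degree, not in kind, since marshal and dis give back the same listing.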
On Mon, May 14, 2012 at 1:46 PM, Guido van Rossum <guido@python.org> wrote:
> You seem to be assuming security by obscurity is worse than no security. I disagree (although I am not defending it as the sole form of security). Many security professionals are not happy unless multiple levels of security are in place, some of which can only be described as obscurity.
I would point out: a) It can be worse than no security for the same reason a cotton bulletproof jacket is worse than no bulletproof jacket: it lures you into a false sense of security, and b) The original post asked for a non-obscure, non-secure solution.
> If you look into legal ways of protecting physical property you'll find that having locks, fences etc. is often necessary for legal protection to apply. That's why so often you'll find "no trespassing" signs (in Holland these even have a specific reference to the law on them).

This is very true, but I think I might be missing something about your point. Are there places where intellectual property has similar laws or policies?

Thanks,
Mike
On Mon, May 14, 2012 at 11:00 AM, Mike Graham <mikegraham@gmail.com> wrote:
> On Mon, May 14, 2012 at 1:46 PM, Guido van Rossum <guido@python.org> wrote:
>> If you look into legal ways of protecting physical property you'll find that having locks, fences etc. is often necessary for legal protection to apply. That's why so often you'll find "no trespassing" signs (in Holland these even have a specific reference to the law on them).

> This is very true, but I think I might be missing something about your point. Are there places where intellectual property has similar laws or policies?
<IANAL>

Both patent and copyright law have the concept of 'willful infringement' and 'proper notice'. Taking the right steps to make sure the person receiving your IP is aware of your copyright and patent rights can make them a willful infringer and subject to harsher penalties. Conversely, failure to use proper notices means you have less protection. (It used to be that the mere absence of a copyright notice would put your work in the public domain but that is no longer the case.)

If you obfuscate the code, the reader of the code cannot claim that you didn't mind if they read it. It makes your intent clear. While simply compiling source to byte codes obfuscates it to some extent, it doesn't send a clear message that you don't want them to read it. A notice at the front of the file saying that you don't want them to read it might be just as good as obfuscation from that standpoint.

</IANAL>

--- Bruce
Follow me: http://www.twitter.com/Vroo http://www.vroospeak.com
Mike Graham wrote:
> On Mon, May 14, 2012 at 1:46 PM, Guido van Rossum <guido@python.org> wrote:
>> You seem to be assuming security by obscurity is worse than no security. I disagree (although I am not defending it as the sole form of security). Many security professionals are not happy unless multiple levels of security are in place, some of which can only be described as obscurity.

> I would point out: a) It can be worse than no security for the same reason a cotton bulletproof jacket is worse than no bulletproof jacket: it lures you into a false sense of security, and b) The original post asked for a non-obscure, non-secure solution.

>> If you look into legal ways of protecting physical property you'll find that having locks, fences etc. is often necessary for legal protection to apply. That's why so often you'll find "no trespassing" signs (in Holland these even have a specific reference to the law on them).

> This is very true, but I think I might be missing something about your point. Are there places where intellectual property has similar laws or policies?
Yes, see http://en.wikipedia.org/wiki/Anti-circumvention

Take e.g. the EU directive text:

"...the expression 'technological measures' means any technology, device or component that, in the normal course of its operation, is designed to prevent or restrict acts..."

"Technological measures shall be deemed 'effective' where the use of a protected work or other subject-matter is controlled by the rightsholders through application of an access control or protection process, such as encryption, scrambling or other transformation of the work or other subject-matter or a copy control mechanism, which achieves the protection objective."

There's an important difference between "security by obscurity" and "protection by obscurity". The first is very hard to achieve. The second is made easy by laws and regulations (because the first doesn't work out too well in practice).

-- 
Marc-Andre Lemburg
eGenix.com

Professional Python Services directly from the Source (#1, May 14 2012)
On Mon, May 14, 2012 at 12:41 PM, M.-A. Lemburg <mal@egenix.com> wrote:
> Mike Graham wrote:
>> I would point out: a) It can be worse than no security for the same reason a cotton bulletproof jacket is worse than no bulletproof jacket: it lures you into a false sense of security, and b) The original post asked for a non-obscure, non-secure solution.

>> On Mon, May 14, 2012 at 1:46 PM, Guido van Rossum <guido@python.org> wrote:
>>> If you look into legal ways of protecting physical property you'll find that having locks, fences etc. is often necessary for legal protection to apply. That's why so often you'll find "no trespassing" signs (in Holland these even have a specific reference to the law on them).

>> This is very true, but I think I might be missing something about your point. Are there places where intellectual property has similar laws or policies?
> Yes, see http://en.wikipedia.org/wiki/Anti-circumvention
>
> Take e.g. the EU directive text:
>
> "...the expression 'technological measures' means any technology, device or component that, in the normal course of its operation, is designed to prevent or restrict acts..."
>
> "Technological measures shall be deemed 'effective' where the use of a protected work or other subject-matter is controlled by the rightsholders through application of an access control or protection process, such as encryption, scrambling or other transformation of the work or other subject-matter or a copy control mechanism, which achieves the protection objective."
As I read it, the text of the law quoted above would mean that just releasing the pyc files would be enough, as would running the source though an obfuscator.
> There's an important difference between "security by obscurity" and "protection by obscurity". The first is very hard to achieve. The second is made easy by laws and regulations (because the first doesn't work out too well in practice).

Chris
participants (5)
- Bruce Leban
- Chris Kaynor
- Guido van Rossum
- M.-A. Lemburg
- Mike Graham