[CentralOH] Py2Exe and Other Notions -- Continued

Eric Floehr eric at intellovations.com
Mon Mar 21 22:36:05 CET 2011 

James said:


> As I mentioned before, the use of IronPython or similar language to compile
> a "sub-section" of the Python distribution that is primarily in .pyc files
> will obscure the ease of reverse engineering the design. The most standard
> of tools will take the .pyc files back to .py files.
>

.NET assemblies, regardless of language (C#, IronPython, etc.) compile down
to bytecode (called MSIL) which is roughly equivalent to Java class files or
Python .pyc files.  Just like Java and Python, .NET "compiled" code only
gets converted to machine code at execution time.  MSIL is just as easily
decompiled as Java or Python bytecode.


> The primary obstacle to the person who is hacking the program would be
> substantial threading with the model-view-controller paradigm, and custom
> Libraries that get instantiated as sub-classes. We have found this to be the
> case, for example, that subclassing many of the widgets in PySide/PyQt and
> then assigning alternate functions to them (particularly the wide range of
> controls available) will confuse the subject. In addition, making the
> controller truly a controller also confuses the subject. The disadvantage to
> the designer is that with this paradigm the model part of
> model-view-controller tends to be rather well capable of standing on its
> own, so that part of the code becomes easy to decipher.
>
>
>
> As IronClad progresses, as least for Windows platforms IronPython and C#
> subclassing Python routines seem to be a more stable and secure method to
> protect long hours and $$$$ worth of investment in desktop GUI apps written
> with Python. After all, spending 20 to 30 K worth of development for a
> moderate desktop app and then letting it so easily be exposed with .pyc
> files is close to the proverbial giving away the farm.
>

I'm certainly not an expert, but I have worked at two software companies
producing software that was sold in the six-figures per seat.  Believe me
when I say that any determined hacker will get your code if they want it,
but that determined hackers are rare.  At most they will hack your
registration code so they can pirate the software.  Even an encrypted
and obfuscated section of the code was deciphered by pulling the machine
code from memory.  The thing is, they generally don't care how your program
is written.

For most customers, it's still cheaper and easier to buy your product than
to hack it.

As for competitors, your only real recourse is legal.  Make sure you have a
strong license that disallows reverse engineering or decompiling, and a
patent if it is a novel process.  Of course defending the license or patent
in court still requires a lot of money.  Often it's easiest to just stay
ahead of the competition in the marketplace though better sales and
continuous innovation.  Ideas cannot be protected (i.e. everyone can sell a
hamburger).

Cheers,
Eric


>
> James
>
>
>
>
>
> _______________________________________________
> CentralOH mailing list
> CentralOH at python.org
> http://mail.python.org/mailman/listinfo/centraloh
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/mailman/private/centraloh/attachments/20110321/b31487a6/attachment.html>

More information about the CentralOH mailing list