[CentralOH] Eschew^H^H^H^H^Hmbrace Obfuscation

jep200404 at columbus.rr.com jep200404 at columbus.rr.com
Sat May 23 19:05:48 CEST 2015

On Sat, 23 May 2015 11:07:56 +0800, Kenneth Wee <vken85 at gmail.com> wrote:

> 2) Protecting I/P by obfuscation (self-preservation consideration)
> The need for protecting our I/P when customers insist they need to keep
> things local and secure. Which means they get access to code (source or
> not) of the system being deployed, i.e. the cloud is not an option.

Of course the best obfuscation is by mediocre programmers,
but then _nobody_ would understand the code.

If what you are trying to hide is some little algorithm, 
that is hard to hide in any language. Skype spent much 
work on obfuscating their stuff. It was cracked. 
How much of what you are doing is truly novel? 
A big complicated enterprised application would be 
harder to understand, even before getting to reverse-

Otherwise, write good code, then run your code through an 
obfuscator, which mangles the names, 
then ship only the .pyc files. 


At some point, it's easier to rewrite from scratch than 
to reverse engineer obfuscated code. The business folks 
should keep that in mind. The need for updates could 
make reverse-engineering less attractive, 
because that would be like maintaining a private fork. 

More information about the CentralOH mailing list