[Python-ideas] I have an encrypted python module format: .pye
M.-A. Lemburg
mal at egenix.com
Mon May 14 21:41:19 CEST 2012
Mike Graham wrote:
> On Mon, May 14, 2012 at 1:46 PM, Guido van Rossum <guido at python.org> wrote:
>> You seem to be assuming security by obscurity is worse than no
>> security. I disagree (although I am not defending it as the sole form
>> of security). Many security professionals are not happy unless
>> multiple levels of security are in place, some of which can only be
>> described as obscurity.
>
> I would point out: a) It can be worse than no security for the same
> reason a cotton bulletproof jacket is worse than no bulletproof
> jacket: it lures you into a false sense of security, and b) The
> original post asked for a non-obscure, non-secure solution.
>
>> If you look into legal ways of protecting physical property you'll
>> find that having locks, fences etc. is often necessary for legal
>> protection to apply. That's why so often you'll find "no trespassing"
>> signs (in Holland these even have a specific reference to the law on
>> them).
>
> This is very true, but I think I might be missing something about your
> point. Are there places where intellectual property has similar laws
> or policies?
Yes, see http://en.wikipedia.org/wiki/Anti-circumvention
Take e.g. the EU directive text:
"...the expression 'technological measures' means any technology, device or component that, in the
normal course of its operation, is designed to prevent or restrict acts..."
"Technological measures shall be deemed 'effective' where the use of a protected work or other
subjectmatter is controlled by the rightsholders through application of an access control or
protection process, such as encryption, scrambling or other transformation of the work or other
subject-matter or a copy control mechanism, which achieves the protection objective."
There's an important difference between "security by obscurity" and
"protection by obscurity". The first is very hard to achieve. The second
is made easy by laws and regulations (because the first doesn't work out
too well in practice).
--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Source (#1, May 14 2012)
>>> Python/Zope Consulting and Support ... http://www.egenix.com/
>>> mxODBC.Zope.Database.Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
________________________________________________________________________
2012-07-02: EuroPython 2012, Florence, Italy 49 days to go
2012-04-26: Released mxODBC 3.1.2 http://egenix.com/go28
2012-04-25: Released eGenix mx Base 3.2.4 http://egenix.com/go27
::: Try our new mxODBC.Connect Python Database Interface for free ! ::::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
http://www.egenix.com/company/contact/
More information about the Python-ideas
mailing list