Source code

Terje Johan Abrahamsen spoermeg at voldelig.com
Wed Sep 18 01:35:05 CEST 2002


"Alex Martelli" <aleax at aleax.it> wrote in message
news:37fh9.112911$pX1.4044383 at news2.tin.it...
> Martin v. Loewis wrote:
>
> > Gerhard Häring <gerhard.haering at gmx.de> writes:
> >
> >> You should perhaps reconsider if and why you need to hide your source
> >> code.
> >
> > You should also recognize that, if your computer can execute and
> > perform a certain algorithm, users can always observe simulate the
> > computer operations, thus breaking any protection scheme.
> >
> > You'll have to give your customers a sealed computer and no permission
> > to install additional software, or communicate with the internet, if
> > you want to reliably prevent them from analysing your program.
>
> Incidentally, the latter option can be feasible in certain situations:
some
> key parts of your program's functionality might reside on a computer you
> control, accessible to the rest of the application (installed more
> traditionally on users-controlled computers) only as a black box via the
> net.  XML-RPC, SOAP, and other distributed-computing approaches
> such as Corba, make implementing this particularly easy these days.
>
> Feasibility depends on how troublesome it is to demand that the
> users' computers be net-connected whenever the application may
> run, and how time-critical is the round-trip time whenever the
> code that runs on the users' computers must delegate some part
> of an operation to code running on the computer you control.  In
> some application areas these feasibility issues may be killers, in
> others they're no trouble at all.  When the latter conditions prevail,
> this approach does yield something like a protection scheme that
> you can, at least in theory, make "unbreakable" (by satisfying other
> conditions, such as statefulness and other ways to make the part
> running under your control arbitrarily hard to reverse-engineer).

I have been thinking about that. But, I assume a lot of people are not
having a connection that is always on. And, personally I am a little
sceptical to programs that tries to access the net, but doesn't have any
reason to.





More information about the Python-list mailing list