dear all,
first of all, thank you for the respond of my inquiry. And then, there
is a few questions I would like to ask:
1. if someone takes your works and then he steals the credit by claiming
the work is his work instead of your work, what will you do?
2. if someone has a problem, he does not want to try to find a way to
solve the problem first, and then he asks your help and then problem
solved, then he is blaming the person who already helped him and
claimed, that is his work. what will you do?
This is kind of some images of this dishonest person.
I do not mind to share my code to the person, if he does not have that
character.
So far, I am using the perl code for web application in a hosting
server. But this time, I have to create a web application on a on
premise server.
I am not an expert yet in perl and still learning although I know perl
when I got still in my university 19 years ago.
regards,
Eko Budiharto
On 07/07/19 14.54, Kent Fredric wrote:
On 7/6/19 11:21 PM, Eko Budiharto wrote:
it is a web application but it is on premise. The user is not honest.
That's why I am trying to find a way to protect the source code like
in java we can compile into java class and still can be run.
That's a false sense of securtiy. A sufficiently "dishonest" person
can decompile your class files back into source.
It may not be the original source, comments may be lost, function
names and variables may become nonsensical, ( but this last part
typically requires additional obfuscation beyond the standard java
compiler )
But the logic, the interface, and all the metadata required to make
backtraces remotely comprehensible, is all still there for anyone who
wants to look.
I read some articles in the internet. Some method are using PAR,
perlc, Filter::Crypto, acme::bleach, but I am not sure it will encrypt
the source code and it still can be runnable.
Perl is basically the same, you can make it harder for the laziest of
people to obtain readable source code, but ultimately, all these
systems are obfuscation, _not_ protection, they all internally decode
the code first before handing it over to the perl interpreter, as
that's the only way to get it to execute. All an enterprising person
has to do is put some glue between that decoder and the perl runtime,
and the code reveals itself. Or ... you simply need to have that
decoded stuff loaded in memory, and then point deparse at the
in-memory function, and it will spit out something that looks a lot
like the original code.
In short, the time invested in this aspect will basically cost you
money, without materially giving you anything for it. And worse, it
increases the odds that your code will randomly stop working,
frustrating your user, making them swear to never do business with you
again, _AND_ then forcing them to attempt to break your "protection"
in order to fix their broken code.
Just don't bother.
Either simply place the software on a platform where they have no
access to any form of the code whatsoever, not even in its executable
state ( as Uri says ), or put an Iron Clad contract on it that
empowers you to sue the pants off them if they do anything you don't
like with it.
Spend your time working on making a great product that works and makes
them happy so they never *need* to reverse-engineer it, so they never
*need* to compete with you, and you'll have a customer for life.
Don't waste time and money on misguided attempts at "protecting your
code" which will only make you enemies and give your competition the
advantage.
( This stupidity has been tried ad-infinitum in everything, and entire
websites now exist for the sole purpose of distributing defeat
mechanisms, and distributing defeated copies of the software. Its an
arms race, one you will ultimately lose. )
--
To unsubscribe, e-mail: beginners-unsubscr...@perl.org
For additional commands, e-mail: beginners-h...@perl.org
http://learn.perl.org/
