Hey Kasper, We have a method to securely distribute the key for decryption in a way that the client won't be able to use it for decryption on his own but to run the Django project we will have to decrypt the code at some location, I want to make it hard for anyone to access it during this transition. In the end, I want to make it hard for anyone to bypass the licensing mechanism by making changes to the code or to understand the validation logic in place to detect code changes.
Thank you Om Khade On Monday, 20 November, 2023 at 2:36:43 pm UTC+5:30 Kasper Laudrup wrote: > On 20/11/2023 07.25, Om Khade wrote: > > Is there a way to decrypt the code in memory or run the Django project > > from the encrypted code without exposing the decrypted code to the > client? > > > > No, of course there isn't. > > In order to decrypt the data the client needs the key. You can try to > obscure it in various ways but in the end the client will still need the > key so that's fairly pointless. > > Even if you were to be able to hide the key somehow, eg. providing some > TPM like hardware where only you know the key, the data would still be > available unencrypted in memory which sort of defeats the purpose. > > Think about how huge companies with almost unlimited resources and > control of the hardware (eg. Sony Playstation) have tried something > similar without success. > > Spend your energy on providing software your customers will be happy to > use instead and ignore that someone might be violating whatever terms > you distribute it under or let your lawyers deal with that. > > Kind regards, > Kasper Laudrup > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/09d7a9a8-4f3a-4e6d-93ca-17c172fac46an%40googlegroups.com.
