> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Friday, January 14, 2000 1:22 PM
> To: [EMAIL PROTECTED]
> Subject: [REBOL] how to create a hidden or encrypted script? Re:(6)
> I believe the proposal I offered would be able to deal with your
> concern, as the encryption took a block! as argument; 'do-crypt
> decrypted, and applied 'do to, the encrypted block.
Hi, having some knowledge about the dark-side of software-protection I want
to throw in some points (BTW: I support the idea of being able to 'hide'
some parts of a Rebol project to create a commercial market for Rebol
applications. For scripting languages, this is more relevant than for C++
sources IMO as 100 KLOC doesn't help a lot... but looking at about 1 KLOC
of Rebol is OK). Anyway here are my points:
- if Rebol is holding a decoded plaint-text version in memory, forget about
it, it takes perhaps 60 seconds to find the decrypted stuff. This is quite
likely, how else should the source command work?
- if Rebol is holding a byte-code representation (BTW: than should Rebol be
compilable) I'm sure a reverse-engineering of the byte-code should be
possible (I expect it to be very clear if it's done by Carl). But this
won't be needed at all if the source command re-creates source-code.
Allocate a binary block big enough to hold your decrypted byte-code,
replace this block with the byte-code and execute source...
Perhaps a better idea than would be to pre-compile blocks of Rebol source
into a binary format. This format can than be executed as is, be placed in
the source-code. It could be blocked like:
hide
[
... your source to hid ...
]
If executed with do/transform %myscript.r a new output file will be
written, which now contains the binary parts, perhaps like
hidden
[
#{339392232A...}
]
Of course you can reverse engineer this too but no protection is safe...
IMO byte code is a good way to hide such stuff and should give a
considerable protection level.
Robert M. Muench, Karlsruhe, Germany
==> ask for PGP public-key <==
When do you want to reboot today?
Use the free portable GUI Library
OpenAmulet from http://www.openip.org
