I've watched this thread now I'll comment because it applies to many other things.
Yes even if you take some steps to protect your code it may still be distributed, but it WILL be distributed if you don't. Think about security, as a sysadmin I can't just not apply security updates, you apply every security update you can even though someone a determined cracker can still get into your box you eliminate most of the script kiddies. Just because you can circumvent something does not mean it is not worth doing, there is a trade off, security and usability to make something completely secure you make it completely unusable you need to find a middle ground with your systems and your code. As far as banks being robbed, yes they may be robbed but we still lose less money than if left the vault unlocked and just told people to help themselves. Jason -----Original Message----- From: Jason Soza [mailto:[EMAIL PROTECTED]] Sent: Monday, May 13, 2002 4:03 PM To: [EMAIL PROTECTED] Subject: Re: RE: [PHP] Genus who came up with "Self Destruct Code" & "Copy Pro tection" I think the point of all this, and I'm sure I'll be corrected if I've misunderstood, you can spend your time encrypting, obfuscating, whatever, but either your program will get distributed as-is, reverse engineered, etc. If someone wants to do it, they'll do it. Using your example, sure, you're not going to leave your door unlocked because there are a million lock-pickers out there you know could get through your lock. But by locking your door, do you feel safe? Someone could come in a glass window as easily as they pick your lock. Determined thiefs can get around even the biggest doors with the biggest locks. Look at all the bank robberies that have taken place over the past century. I guess the bottom line, you can do what you want with your code, but that doesn't make it hack-proof (or anti-distributable!). Jason Soza ----- Original Message ----- From: "SP" <[EMAIL PROTECTED]> Date: Monday, May 13, 2002 1:48 pm Subject: RE: [PHP] Genus who came up with "Self Destruct Code" & "Copy Pro tection" > Everyone is arguing that these encoders can be > cracked. Does anyone know of one, have you done > it yourself? How long did it take? I mean I'm > not going to leave my door unlocked cuz someone > can pick it open. > > -----Original Message----- > From: Miguel Cruz [mailto:[EMAIL PROTECTED]] > Sent: May 13, 2002 3:29 PM > To: Udo Giacomozzi > Cc: [EMAIL PROTECTED] > Subject: Re: [PHP] Genus who came up with "Self > Destruct Code" & "Copy > Pro tection" > > > On 13 May 2002, Udo Giacomozzi wrote: > > If the whole thing is designed the right way. > > A copy protection I like for example are > dongles. Ok, they are not > > applicable to PHP and aren't 100% secure either > [don't want to start a > > discussion about this now]. But this system > makes no problems for the > > people that have the dongle. > > > > That was why first came up with this question. > As a PHP beginner I wanted > > to know if there are elegant ways to make a > acceptable copy protection. > > > > There seem to be only 3 possibilities: > > - zend encoder > > - a code obfuscator like POBS > > - encrypting the source code and then decrypting > it in realtime > > All of these have weaknesses. And therefore the > whole exercise is moot. It > only takes one person with some free time to break > your protection > scheme, and then the cat's out of the bag. Once it > has been broken, it > will spread and then it won't matter how complex > your scheme was. > > I really doubt there is any software out there > that isn't being traded by > high-school kids, even if they have no idea what > it's for. The only > exceptions would be something so arcane and > obscure that nobody ever had > an interest in cracking it. > > miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php