Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re^2: Why is it bad to hide the source?

by marto (Bishop)
on Oct 27, 2010 at 08:52 UTC ( #867658=note: print w/ replies, xml ) Need Help??


in reply to Re: Why is it bad to hide the source?
in thread Why is it bad to hide the source?

Your tool doesn't really hide source at all. See Re^2: What happened to perlcc?.


Comment on Re^2: Why is it bad to hide the source?
Re^3: Why is it bad to hide the source?
by daveola (Acolyte) on Feb 26, 2011 at 08:07 UTC
    See my reply. I know there are ways to extract the source. There always will be. You can "extract source" from a C program as well. And you have to know what you are doing.

    Not to mention that the author:

    A) Didn't fully understand the tool

    B) Didn't give an example on how to actually extract the source.

    Regardless, I know it's possible.

    I know that someone can give me an exact example of how to do it if I search hard enough.

    Great.

    But that doesn't mean that the tool isn't useful.

    Do you lock your house doors? Because I have lock picks and know how to use them. And I can show you how. But I'll bet you'll still lock your door.

        Except that *again* that is actually FALSE.

        The source is NOT initially loaded into a variable with no obfuscation other than Bleach. ikegami is incorrect, hence the 'doesn't understand' claim I make.

        I suggest running 'strings' on an executable made without Bleach to find this source. I recognize that I am using a weak encryption, but I feel that strong encryption would be a bit of overkill here considering what the script has to do next.

        And yes, there is a point where the script exists as plaintext as it it passed to perl, this is essentially unavoidable without modifying perl. I address that issue as well.

        It's pretty amazing to me that I get negative reputation on this board for posting truths, it seems to reply that this board is more of a religious resource rather than a technical resource, though I suppose that may be apparent in the name.

        I understand that some people don't believe in source obfuscation. I get it. Other people do. Heck, most of my source is freely available. I write a tool that allows for the latter group of people to accomplish what they want, with Perl, and I am attacked with misinformation and negative reputation. Really? As an author of a number of publically available perl scripts, as a perl resource, and as a perl advocate, is this how I should be treated, just because I don't have the same religious views on open source?

        Doesn't really inspire me to come back here.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://867658]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (9)
As of 2014-12-27 21:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (177 votes), past polls