Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Re: Production obfuscation

by eyepopslikeamosquito (Chancellor)
on Apr 20, 2012 at 21:38 UTC ( #966268=note: print w/ replies, xml ) Need Help??

in reply to Production obfuscation

I know this horse has been beaten and there is plenty of info out there
Actually, I don't think it has. As the author of Acme::EyeDrops, the only animal I'm aware of being harmed for production obfuscation is not a horse but a frolicking wombat, proposed by `/anick in 2002 to enhance "psychological obfuscation" because "surely the script dealing with super-secret FBI passwords isn't that ASCII picture of a frolicking wombat".

So, I'm want to know issues of Acme::EyeDrops in production and what liabilities I need to be aware that when converted could cause me issue
If you haven't already done so, read the "EyeDropping" section in the Acme::EyeDrops documentation and follow the advice there. As that section indicates, (a non-trivial module) has been successfully converted into 151 camels and all tests still pass. At that time, I was considering distributing the module itself in EyeDrop'ed form but decided against it not because it didn't work but because it was four times slower. Also note that if you set the PERL_SMOKE environment variable before running "make test", the test suite will automatically convert and the test suite itself into camels and run them again. Which passes. So I have fair confidence that you won't hit any serious problems with your approach and if you do, you should be able to work around them (as was done with the "eval-hostile" line in, described in the "EyeDropping" section). Having said that, it would be prudent to have a test suite for your code and to run it both before and after EyeDrop-ification.

Comment on Re: Production obfuscation
Download Code
Replies are listed 'Best First'.
Re^2: Production obfuscation
by jdrago999 (Pilgrim) on Apr 21, 2012 at 21:06 UTC

    I've wondered what's the difference (functionality-wise) between Acme::EyeDrops and Acme::Bleach?

    Has this been covered elsewhere? Filters are interesting.

      I've wondered what's the difference (functionality-wise) between Acme::EyeDrops and Acme::Bleach?
      I'm not aware of a detailed comparison between them. So I might write one as a top level node in the next week or so, if I can find the time (update: new top level node is The History of Acme::Bleach and Acme::EyeDrops).

      Both EyeDrops and Bleach encode the source code. Bleach does so by converting the stream of bits in each source code character to spaces (0) and tabs (1) as indicated by this snippet from its source code:

      sub whiten { local $_ = unpack "b*", pop; tr/01/ \t/; ... }
      In contrast, EyeDrops encodes each "unsightly" (i.e. alphanumeric) character by using a bitwise operator on two or more "sightly" (i.e. non-alphanumeric) ones. This is done via a lookup table as indicated by this snippet from its source code:
      my @C = ( q Z('!'^'!')Z,q Z('('^')')Z,q Z('<'^'>')Z,q Z('>'^'=')Z, q Z('>'^':')Z,q Z('>'^';')Z,q Z('+'^'-')Z,q Z('*'^'-')Z, q Z('+'^'#')Z,q Z('*'^'#')Z,q Z('!'^'+')Z,q Z('!'^'*')Z, q Z('!'^'-')Z,q Z('!'^',')Z,q Z('!'^'/')Z,q Z('!'^'.')Z, q Z('?'^'/')Z,q Z('<'^'-')Z,q Z('-'^'?')Z,q Z('.'^'=')Z, q Z('+'^'?')Z,q Z('*'^'?')Z,q Z('?'^')')Z,q Z('<'^'+')Z, q Z('%'^'=')Z,q Z('&'^'?')Z,q Z('?'^'%')Z,q Z('>'^'%')Z, q Z('&'^':')Z,q Z('<'^'!')Z,q Z('?'^'!')Z,q Z('%'^':')Z, q Z('{'^'[')Z,q Z'!'Z,q Z'\\\\'.'"'Z,q Z'#'Z, q Z'\\\\'.'$'Z,q Z'%'Z,q Z'&'Z,q Z"'"Z,q Z'('Z,q Z')'Z, q Z'*'Z,q Z'+'Z,q Z','Z,q Z'-'Z,q Z'.'Z,q Z'/'Z, q Z('^'^('`'|'.'))Z,q Z('^'^('`'|'/'))Z,q Z('^'^('`'|','))Z, q Z('^'^('`'|'-'))Z,q Z('^'^('`'|'*'))Z,q Z('^'^('`'|'+'))Z, q Z('^'^('`'|'('))Z,q Z('^'^('`'|')'))Z,q Z(':'&'=')Z, q Z(';'&'=')Z,q Z':'Z,q Z';'Z,q Z'<'Z,q Z'='Z,q Z'>'Z,q Z'?'Z, q Z'\\\\'.'@'Z,q Z('`'^'!')Z,q Z('`'^'"')Z,q Z('`'^'#')Z, q Z('`'^'$')Z,q Z('`'^'%')Z,q Z('`'^'&')Z,q Z('`'^"'")Z, q Z('`'^'(')Z,q Z('`'^')')Z,q Z('`'^'*')Z,q Z('`'^'+')Z, q Z('`'^',')Z,q Z('`'^'-')Z,q Z('`'^'.')Z,q Z('`'^'/')Z, q Z('{'^'+')Z,q Z('{'^'*')Z,q Z('{'^')')Z,q Z('{'^'(')Z, q Z('{'^'/')Z,q Z('{'^'.')Z,q Z('{'^'-')Z,q Z('{'^',')Z, q Z('{'^'#')Z,q Z('{'^'"')Z,q Z('{'^'!')Z,q Z'['Z, q Z'\\\\'.'\\\\'Z,q Z']'Z,q Z'^'Z,q Z'_'Z, q Z'`'Z,q Z('`'|'!')Z,q Z('`'|'"')Z,q Z('`'|'#')Z, q Z('`'|'$')Z,q Z('`'|'%')Z,q Z('`'|'&')Z,q Z('`'|"'")Z, q Z('`'|'(')Z,q Z('`'|')')Z,q Z('`'|'*')Z,q Z('`'|'+')Z, q Z('`'|',')Z,q Z('`'|'-')Z,q Z('`'|'.')Z,q Z('`'|'/')Z, q Z('['^'+')Z,q Z('['^'*')Z,q Z('['^')')Z,q Z('['^'(')Z, q Z('['^'/')Z,q Z('['^'.')Z,q Z('['^'-')Z,q Z('['^',')Z, q Z('['^'#')Z,q Z('['^'"')Z,q Z('['^'!')Z,q Z'\\\\'.'{'Z, q Z'|'Z,q Z'\\\\'.'}'Z,q Z'~'Z,q Z('!'^'^')Z ); push @C, map(join('.', q#'\\\\'#, $C[120], map($C[$_], unpack('C*', sprintf('%x', $_)))), 128..255); sub ascii_to_sightly { join '.', map($C[$_], unpack('C*', $_[0])) }
      (See also the "Sightly Encoding" section in the Acme::EyeDrops documentation).

      The big difference between the two approaches lies in the decoding. Because EyeDrops encodes into a form that perl can execute unaided, it simply lets perl decode it via eval and so does not require Acme::EyeDrops to be installed on the target system.

      In contrast, perl by itself cannot make sense of a raw stream of spaces and tabs and so requires Acme::Bleach to be installed on the target system to decode and eval the "bitstream" of spaces and tabs.

      As a consequence, Bleach has to be involved at compile time (which is why it overwrites the file and fiddles with $0). EyeDrops, on the other hand, does not mangle the original file, simply reads it and writes a new (encoded and shaped) one.

      Put another way, Bleach is a Perl "source filter" (e.g. see Filter::Simple), while EyeDrops is not. EyeDrops is simply an encoder and shaper of the bytes in a source code file. The hardest part of writing EyeDrops was not the (sightly) encoding, but the heuristics required to pour the encoded bytes into a wide variety of shapes.

        Thank you, sir, for your detailed explanation. The differences between the two are now perfectly clear.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://966268]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (2)
As of 2016-02-09 01:38 GMT
Find Nodes?
    Voting Booth?

    How many photographs, souvenirs, artworks, trophies or other decorative objects are displayed in your home?

    Results (294 votes), past polls