John Wells wrote:
> I was speaking with a co-worker today about the disappointment we feel
> when we can't write commercial, distributable client-side code with Ruby
> today...there's just no good way to protect your IP on the client side.
> 
> We came upon a simple(?) idea and I was hoping that the List might help us
> expand it and fill in some gaps:
> 
> Could one not modify the source of the Ruby interpreter to load a public
> key and then only accept code encrypted with the equivalent private
> version?  Would this provide adequate protection, or does it only mean
> that the  hacker would have to download the interpreter and make the same
> modifications, loading my public key into it, and programmatically to spit
> out the unencrypted code after it has passed through decryption?  Is there
> any way to make this sufficiently hard to do so to the point where any
> reasonably complex application is protected?  Similar to byte code
> obfuscation?
> 
> Thanks for your insight.
> 
> John
> 
> 
> 
> 
> 
> 
I use zend encoder now and again when I have a good idea and I don't 
want to give up the recipe to just everyone.

Zend encoder works by doing a pre compile to byte code which makes it 
illegible. It also spices up the deal by locking the code with a key 
from the PC being used. Then when Zend optimizer sees the PHP code is 
already precompiled its job becomes easier. So things speed up accordingly.

So to do this with Ruby would mean that a precompiler or optimizer would 
have to be built first. Something that the server could run and 
interprete the byte code. As of yet there is nothing like this for Ruby. 
But it is being worked on I might guess.

Trying to do it otherwise is a pain in the butt. I have tried with PHP 
and helped with a few obsfucation projects in PHP ASP and VB.

-- 


Tesla - Alternating current, the first modern day opensource project?