Re: Writing a interpreter extension

< ^ > P N |<>|^_>< --- | ~ ...Help
Kris Leech wrote:
> By reading the key from the binary or reading the un-encrypted code from 
> memory?
> 
> Ryan Leavengood wrote:
>> On 5/22/06, Kris Leech <krisleech / interkonect.com> wrote:
>>> Well there are several aspects to this, I want to protect the code from
>>> being read, from being modified and from internal attacks.
>>>
>>> I could use the file system permissions but its always vunrable to at
>>> least one person. This normally would not be a problem but we are
>>> dealing with sensative data.
>>>
>>> We can make the encrypt key in the interpreter hard to find, not
>>> impossible, but much more secure than having open source code.
>> Try to do this. I bet I could break it in 10 minutes.
>>
>> But against the average person it might work. But the average person
>> is not your problem...
>>
>> Ryan

Haha, you really don't want to go down this road.  If you can't 
accomplish what you are trying to do with proven cryptographic security 
primitives, then you should probably change the use case.  Security 
through obscurity is really a waste of everyones time.  Even if you make 
it quite difficult for people to figure out, it only takes one person to 
do the work and then everyone can take advantage of the crack.

-Jeff