C++Talk.NET C++ language newsgroups   Archives   FAQ   Search   Memberlist   Usergroups   Register   Profile   Log in to check your private messages   Log in  code obfucation          C++Talk.NET Forum Index -> C++ language (comp.lang.c++) View previous topic :: View next topic   Author Message Gernot Frisch Guest Posted: Thu Sep 22, 2005 7:30 am    Post subject: code obfucation Hi, we are forced to provide C++ sources to another company. Now, we want the interfaces to be accessable, but the contents of each method obfuscated. Is there any (free?) software that does this, or do we have to write our own? Best regards, -Gernot int main(int argc, char** argv) {printf ("%silto%c%cf%cgl%ssic%ccom%c", "ma", 58, 'g', 64, "ba", 46, 10);} Back to top Greg Guest Posted: Thu Sep 22, 2005 7:48 am    Post subject: Re: code obfucation Gernot Frisch wrote: Quote: Hi, we are forced to provide C++ sources to another company. Now, we want the interfaces to be accessable, but the contents of each method obfuscated. Is there any (free?) software that does this, or do we have to write our own? Best regards, -Gernot int main(int argc, char** argv) {printf ("%silto%c%cf%cgl%ssic%ccom%c", "ma", 58, 'g', 64, "ba", 46, 10);} Your best bet is to scan comp.lang.c++ postings and find a really bad C++ programmer. Hire this person (for little pay) to "improve" your code. In very short order, your sources will be completely indecipherable. Greg Back to top Gernot Frisch Guest Posted: Thu Sep 22, 2005 7:59 am    Post subject: Re: code obfucation "Greg" <greghe (AT) pacbell (DOT) net> schrieb im Newsbeitrag news:1127375298.049600.224950 (AT) g44g2000cwa (DOT) googlegroups.com... Quote: Gernot Frisch wrote: Hi, we are forced to provide C++ sources to another company. Now, we want the interfaces to be accessable, but the contents of each method obfuscated. Is there any (free?) software that does this, or do we have to write our own? Best regards, -Gernot int main(int argc, char** argv) {printf ("%silto%c%cf%cgl%ssic%ccom%c", "ma", 58, 'g', 64, "ba", 46, 10);} Your best bet is to scan comp.lang.c++ postings and find a really bad C++ programmer. Hire this person (for little pay) to "improve" your code. In very short order, your sources will be completely indecipherable. Would you volunteer no, honestly - it should compile and run afterwards... Back to top Kai-Uwe Bux Guest Posted: Thu Sep 22, 2005 8:02 am    Post subject: Re: code obfucation Gernot Frisch wrote: Quote: Hi, we are forced to provide C++ sources to another company. Now, we want the interfaces to be accessable, but the contents of each method obfuscated. Is there any (free?) software that does this, or do we have to write our own? I have no idea on the technical aspect of your question. However, if by "forced" you mean that a court ruled that you have a contractual or legal obligation to provide the source, you can be pretty darn sure that the court will not be pleased by the move you plan. The other party will simply get an injunction and you will have to fork over unobfuscated code a little later. Note that the GPL for instance defines "The source code for a work means the preferred form of the work for making modifications to it." I am inclined to assume that any court will find a definition like this to be reasonable and hence will interpret your obligation to provide source code to mean exactly this: provide the source that you are hacking not some processed version of it. Best Kai-Uwe Bux Back to top Gernot Frisch Guest Posted: Thu Sep 22, 2005 8:23 am    Post subject: Re: code obfucation Quote: I have no idea on the technical aspect of your question. However, if by "forced" you mean that a court ruled that you have a contractual or legal obligation to provide the source, you can be pretty darn sure that the court will not be pleased by the move you plan. The other party will simply get an injunction and you will have to fork over unobfuscated code a little later. Note that the GPL for instance defines "The source code for a work means the preferred form of the work for making modifications to it." I am inclined to assume that any court will find a definition like this to be reasonable and hence will interpret your obligation to provide source code to mean exactly this: provide the source that you are hacking not some processed version of it. No. We cooperate with them, but they want our program (which is a plugin of theirs) to be copmpiled on their server (for version conflicts). Now, we don't want to give readable code away, so it should _just_ compile, nothing more. Back to top Ian Guest Posted: Thu Sep 22, 2005 8:44 am    Post subject: Re: code obfucation Gernot Frisch wrote: Quote: No. We cooperate with them, but they want our program (which is a plugin of theirs) to be copmpiled on their server (for version conflicts). Now, we don't want to give readable code away, so it should _just_ compile, nothing more. Why bother? Don't you trust them? If not, use an NDA. Ian Back to top Gernot Frisch Guest Posted: Thu Sep 22, 2005 9:22 am    Post subject: Re: code obfucation Quote: No. We cooperate with them, but they want our program (which is a plugin of theirs) to be copmpiled on their server (for version conflicts). Now, we don't want to give readable code away, so it should _just_ compile, nothing more. Why bother? Don't you trust them? If not, use an NDA. The code contains knowledge that is valuable. Not the code itself. Back to top Havatcha Guest Posted: Thu Sep 22, 2005 10:21 am    Post subject: Re: code obfucation Gernot Frisch wrote: Quote: No. We cooperate with them, but they want our program (which is a plugin of theirs) to be copmpiled on their server (for version conflicts). Now, we don't want to give readable code away, so it should _just_ compile, nothing more. Why bother? Don't you trust them? If not, use an NDA. The code contains knowledge that is valuable. Not the code itself. Pop over yourself with the code, compile it for them on their server, erase all traces of the source, exit through the toilet window, remove your fake moustache and hotfoot it into the night. Back to top Greg Guest Posted: Thu Sep 22, 2005 11:01 am    Post subject: Re: code obfucation Ian wrote: Quote: Gernot Frisch wrote: No. We cooperate with them, but they want our program (which is a plugin of theirs) to be copmpiled on their server (for version conflicts). Now, we don't want to give readable code away, so it should _just_ compile, nothing more. Why bother? Don't you trust them? If not, use an NDA. Ian There is always a risk that the code could be disclosed, either by accident or by a security lapse. If the company needs the source files just for building, then they would probably prefer having an obfuscated copy, simply to lower their potential liability. There are indeed many products to obfuscate source code. A web search should turn some up. I know that http://www.semanticdesigns.com has one, for example. But I have never used it or any other obfuscator. Alternately, writing one's own obfuscator appears to be a common practice. Greg Back to top Fraser Ross Guest Posted: Thu Sep 22, 2005 1:35 pm    Post subject: Re: code obfucation Have you considered giving them a LIB file and header files? They would have to have the same compiler. Fraser. Back to top Dave Rahardja Guest Posted: Fri Sep 23, 2005 2:10 pm    Post subject: Re: code obfucation On Thu, 22 Sep 2005 10:23:07 +0200, "Gernot Frisch" <Me (AT) Privacy (DOT) net> wrote: Quote: No. We cooperate with them, but they want our program (which is a plugin of theirs) to be copmpiled on their server (for version conflicts). Now, we don't want to give readable code away, so it should _just_ compile, nothing more. Looks like your company needs better lawyers. Is it possible to offer to compile the code at _your_ site using _their_ specified environment? Yes, there are code obfuscators, but it sounds like you're trying to answer the wrong question. Like I said, this is a legal problem, not necessarily a technical one. Plus, what happens when the code obfuscator inserts bugs in your code? -dr Back to top Ira Baxter Guest Posted: Sat Sep 24, 2005 9:06 pm    Post subject: Re: code obfucation "Dave Rahardja" <ask (AT) me (DOT) com> wrote Quote: On Thu, 22 Sep 2005 10:23:07 +0200, "Gernot Frisch" wrote: Yes, there are code obfuscators, but it sounds like you're trying to answer the wrong question. Like I said, this is a legal problem, not necessarily a technical one. Plus, what happens when the code obfuscator inserts bugs in your code? Code obfuscators don't insert bugs in your code. (I suppose a buggy obfuscator might do that. Building an obfuscator that works parses like compilers do is a way to ensure you don't have a problem.) They can completely preserve the exact functionality. If your code has no bugs in it, the obfuscated version won't have them. If your code does have bugs, so will the obfuscated version. I will agree that the properly paranoid software company should test the unobfuscated version, and the obfuscated version, both, as due diligence. -- Ira D. Baxter, Ph.D., CTO 512-250-1018 Semantic Designs, Inc. www.semdesigns.com Back to top Dave Rahardja Guest Posted: Sun Sep 25, 2005 2:41 am    Post subject: Re: code obfucation On Sat, 24 Sep 2005 16:06:46 -0500, "Ira Baxter" <idbaxter (AT) semdesigns (DOT) com> wrote: Quote: Code obfuscators don't insert bugs in your code. Sure, and compilers don't have bugs. -dr Back to top Greg Guest Posted: Sun Sep 25, 2005 9:52 am    Post subject: Re: code obfucation Dave Rahardja wrote: Quote: On Thu, 22 Sep 2005 10:23:07 +0200, "Gernot Frisch" <Me (AT) Privacy (DOT) net> wrote: Plus, what happens when the code obfuscator inserts bugs in your code? -dr You use a different obfuscator. Even though the source code is obfuscated - detecting any bugs introduced by the obfuscator is trivial. Just verify that the binary compiled from the unobfuscated sources and the binary compiled from the obfuscated sources - are identical. Greg Back to top Ira Baxter Guest Posted: Sat Oct 01, 2005 4:20 pm    Post subject: Re: code obfucation "Dave Rahardja" <ask (AT) me (DOT) com> wrote Quote: On Sat, 24 Sep 2005 16:06:46 -0500, "Ira Baxter" wrote: Code obfuscators don't insert bugs in your code. Sure, and compilers don't have bugs. This seems like a sour grapes answer. The frequency of bugs in obfuscators is arguably less than the frequency of bugs in your compiler; after all, obfuscators are considerably simpler than compilers. I assume that you don't reject the acquisition of a compiler from a reputable vendor because of the probability it has bugs in it. -- IDB Back to top Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First         C++Talk.NET Forum Index -> C++ language (comp.lang.c++) All times are GMT Page 1 of 1   Jump to: Select a forum C/C++----------------C LanguageC Language (Moderated)C++ Language (Moderated)C++ language (comp.lang.c++)C++ language, library and standards Non-English C/C++ Newsgroups----------------C++ (German)C++ (French)  You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum Powered by phpBB © 2001, 2006 phpBB Group SEO toolkit © 2004-2006 webmedic.