[QUOTE=marcuso;19520]@cgjedi: imo, what they did is not cool, but what you did less cool.[/QUOTE]
I agree, because if its just to retain credit , I put the source code on my blog and share with everyone and if i use someones piece of code i mention his/her name… in the code… or blog. I do not mind of someone steel my code because if some code i wrote fails in some condition and some one else has taken the credit of code that actually I wrote and he doesn’t know how to fix it, then its his problem.
Nice discussion there !
I’m new to python, and will use it to write internal software (I actually use AutoIt for a lot of such stuff but have reach its limit). If one day I write some tools that others could use, I will distribute py file for sure.
But, I will write some python software that are highly integrated with our network, which need for example administrator login/password to do some stuff, some high level access to certain part of our network that normal users can’t reach (AD, ntfs). For these tools, even internally, I can’t give users the py file (anyone here could open it in notepad and get some confidential data/access).
So in this particular case, how can I deploy such tools on our network ? I’ve read in this thread that even an exe (py2exe) could be inverse engineered, so is there a solution for this ? With AutoIt, it make little exe very easily, and can’t be readable opened so it was never a problem to have such confidential data into (my source codes are on a dedicated network drive only accessible to me and a few qualified).
Thks
Kib
In games we say ‘the client is enemy territory’ – any set of bits on somebody’s hard drive can be poked at until it yields its secrets. Obfuscation and compilation can make it more time consuming to crack - but it’s ultimately crackable. That’s why the worldwide piracy rate for PC games approaches 90%
If you need to distribute stuff that requires access to sensitive, password protected stuff – don’t included it in the code. It’s better to require user to login with names and passwords and control access on the side you control – the server. Depending on your needs you might find it safer to serve out the files from secure locations from an https server that gets and puts files for the user instead of giving them direct file system access.
I know in the States lots of VFX or Film companies have to pass data security audits run by insurance companies – their contracts require a very high level of security. I don’t know if anybody with direct experience of that is here on the forum but it’s an issue that’s only going to get more visible in the future as more production is distributed around the globe.