On Tue, Feb 12, 2013 at 10:39 AM, jbiskofski <jbiskof...@gmail.com> wrote: > I understand that obfuscating code is not a real detriment to a seriously > motivated knowledgeable hacker. Yet I still think some security is > preferable to no security at all. Also I wish this problem could be > attacked somehow other than suggesting to switch to a different language.
Obfuscation is not security. Other people have explained why obfuscation doesn't make any technical sense. Let me venture a little bit off topic and explain why it doesn't make any business sense either. With your LMS, you're in, fundamentally, a service-oriented business. The source code that implements your LMS is a tool that helps you deliver that service -- but it's not really the most important part of that service, not by a long shot. (It's about as important as the office copy machine, in fact.) Do you really think that you if you gave that code to somebody outside your line of business they would overnight turn into a competitor for you? No, they wouldn't, because they won't have the assets that you have that are _really_ important for your business -- like those 18 people that work for you, that have an intimate knowledge of the problem domain, and of the needs of your customers, and the history of your service. They also won't have another critical asset you have: those 300K users, which simultaneously give you a selling point for future customers and an available pool of people that I bet are happy to suggest new features and test them out and provide you in-depth feedback. Figure out how to protect and nurture *those* assets, and it doesn't matter who sees your code, because even if they put up an exact clone of your service, you'll still out-perform and out-innovate them, which means you'll out-sell them. chrs, john. -- To unsubscribe, e-mail: beginners-unsubscr...@perl.org For additional commands, e-mail: beginners-h...@perl.org http://learn.perl.org/
