>I want to encrypt my algorithm library, is there any good way in Go. My library is used in both Windows and Linux I'm assuming you're doing it for scalable distribution since Zhaoxun already answered local development environment. In this case it makes no sense as I can still use disassembler to reassemble your source codes after the decryption, either by software or many ways of reverse engineering techniques. Moreover, you will attract A LOT of insider threats (as in legit customers paid to reverse engineer your stuff, out of profits or curiosity). There were technologies in the past but highly I doubt they will work: hardware lock fuse bit and now TPM.
The only option I can see is host your library inside your own infrastructure and offer to client as an API services via network. That you can secure both binary and source codes forms within your own control while your customer enjoys your algorithm services. Otherwise, your business and marketing strategy have to step in. You can consult Spotify, and Google Cloud Key Management idea. Don't rely on legal filing or copyright pursue unless you got 7 digits budget cash-ready to pay your attorney. It's not cheap and is a time-consuming process. Regards, Holloway On Friday, March 18, 2022 at 10:33:21 AM UTC+8 yan.z...@gmail.com wrote: > I think it is best to run your code on an encrypted disk. So it cannot be > stolen by taking away the hard-drive. > Furthermore if the config and log files are in other folders, it is okay > to shut down the encrypted drive I guess. > In that case even it is running in memory, the hacker cannot get access to > the program file on removed encrypted disk. > > Beyond that, there is few software in the world up till now I believe, > could decode your program back to go source code. > And it is a better practice to put all the codes together rather then > dividing it to smaller pieces to make more complexity. > > Zhaoxun > > 在2022年3月18日星期五 UTC+8 09:30:21<Ian Lance Taylor> 写道: > >> On Thu, Mar 17, 2022 at 6:46 AM bbb tt <fort...@gmail.com> wrote: >> > >> > I want to encrypt my algorithm library, is there any good way in Go. My >> library is used in both Windows and Linux >> >> For a security issue like this it's essential to define the attack you >> want to defend against. >> >> The nature of Go is such that against a sophisticated attacker the >> best you can do in practice is to hide source code comments, or to run >> your program only as a secure service that is only accessible over a >> network. And to do that you don't need to do anything special at all. >> >> Ian >> > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/57c781c1-2453-4ee6-bcf9-7cea740e31abn%40googlegroups.com.
