On Feb 24, 11:52 pm, Lalo Martins <[email protected]> wrote: > And please don't co-opt the word “secure” for it.
I'm a dev, not management. I understand the field internally and so I'm trying to start discussions to securely distribute NodeJS apps. Anyone wants to vote if C++ EXE's are harder to decompile than .NET EXE's? Just throw the damn thing into Reflector and viola!. With C++ you never really get great code. > Distribute your product with source. If your clients have enough > technical ability to “steal” it, they also have enough to help you fix > bugs. I work with assembly and IL. Source code can be compiled perfectly. Decompiled code almost NEVER compiles perfectly, the program crashes and/or strange errors appear. Binaries force the reverse engineer to work with assembly at a low level. Source code allows any idiot programmer to have a go at it. > And then make it a big deal in your promotion material that it comes with > sources. We're trying to protect our application from clients, not GIVE it to them. We're distributing applications that are run internally in organizations. We won't even KNOW if they are running hundreds of instances/copies of our software. > If somebody “steals” your work, sue them. Contract law is more than > sufficient for that, and if your clients are determined to “steal” your > work, binaries won't stop them. Binaries will slow them down. Enough to be helpful. > If the problem is more about especially clever things you do to solve > their problem -- again, contracts will protect you much better than > binaries or obscured code, but you also have the option of patents. Patents give away the techniques. Ever wonder why McDonald machines are not patented? Did you know that in China, for instance, the govt openly allows local companies to copy techniques described in patents? So much for patents. > Odds are, though, the thing you're trying to protect isn't 10% as valuable as > you think it is.) That's not for you to judge :) .. and not for me to judge either. I'm a dev, not a forecaster. -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
