On Jan 23, 3:19 pm, "Diez B. Roggisch" <de...@nospam.web.de> wrote: > > Thank you very much Diez. > > This was my fear. > > Anyways, if we can make it real hard for them to analyze also, I think > > we are in the good - esp since the clients are not extremely rich > > enough to go for professional analyzers -- > > What is the skype method? The code is not huge - less than 20K LOC so, > > code encryption looks somewhat OK - would you be able to direct me to > > any hints on this? > > 20LOC of pyhon translates to the tenfold in a compiled language I'd guess. > > And all I know about the skype-protection I've read from some paper of > some french researches - I think. However, that paper was about > *breaking* the encryption, not about how to write it. > > And I'm not an expert in these matters, mind you. > > > One another option that I was thinking was to automatically generate > > the password for the database - re-encrypt every 1 hr - and store the > > password inside the code itself. Is that possible in Python? i.e. > > changing the code itself. > > But wherefrom do you get the *initial* password, or the one used the > last time? What happens if the process dies unexpectedly, leaving the db > in an undefined, half-crypted state with no way to know the new password? > > Seriously - if I was assigned the task of doing this thing, I'd seek > help from somebody who has experience in these matters. It's hard to get > right, and easy to get wrong but think one has it right. > > Diez
I agree Diez. Anyways, code encryption seems to be a fun thing. I will try to see whether some papers about Skype is running around. If I can get it done, then maybe I will try to post the code here. KT -- -- http://mail.python.org/mailman/listinfo/python-list
