From: stevenw@best.com (Steven Weller)
To: cypherpunks@toad.com
Message Hash: 1cc7d8fd05f02884479e7dedfe92874d80f2dea57ecd02ec7c37638b927f9fbd
Message ID: <v0153050fad000b64a813@[206.86.1.35]>
Reply To: N/A
UTC Datetime: 1995-12-22 07:20:20 UTC
Raw Date: Thu, 21 Dec 95 23:20:20 PST
From: stevenw@best.com (Steven Weller)
Date: Thu, 21 Dec 95 23:20:20 PST
To: cypherpunks@toad.com
Subject: Re: ex encrypted script
Message-ID: <v0153050fad000b64a813@[206.86.1.35]>
MIME-Version: 1.0
Content-Type: text/plain
>At 10:57 PM 12/21/95 -0500, Beavis B. Thoopit wrote:
>>> >| Is there a way to encrypt a script yet still allow it to be runnable? I
>>> >| know that the simple answer is to write it in C and compile it but I
>>>don't
>>> >| have the means of doing that at the moment. (i.e. there is not
>compiler on
>>> >| the system)
>>> >|
>>> >| I thought of a few simple protections but they all involve decrypting
>before
>>> >| running.
>>> >
>>> > Ever hear of chmod? chown?
>>> >Adam
>>>
>>> The vendor also has superuser access.. chmod chown won't protect it.. :(
>>
>>I once had to obfuscate an awk script. "Cryptography is Economics." My
>>job was to make it difficult for the enemy to steal the source. There
>>was a license agreement...
>>
>>The simple answer of "no" is right in the strong sense, but there are
>>tricks to make life difficult for the amateur attacker.
>>
>>My approach was a self-decrypting program. The "real" script was
>>encrypted within the body of the encasing script. For increased
>>obfuscation, decrypt only small pieces at a time.
>>
>>
>There is encrypt and then there is render useless to the reader.
>
>A tale I hear is that when HP had to deliver operating system source to
>the french government they stripped all comments and changed all variable
>and subroutine names to 32 byte strings of I 1 0 (zero) and O (uppercase O).
>It still compiled but was 100% useless to human readers.
There is a commercial product out there from Gimpel Software called _The C
Shroud_. It removes all structure from the code, replacing it with gotos,
renames all the symbols to axxxxxxx, converts constants and strings to hex,
substitutes all #defines and expands all macros, strips all formatting and
comments, etc., resulting in a perfectly compilable, but infuriatingly
obfuscated set of source files.
-------------------------------------------------------------------------
Steven Weller | "The Internet, of course, is more
| than just a place to find pictures
| of people having sex with dogs."
stevenw@best.com | -- Time Magazine, 3 July 1995
Return to December 1995
Return to “stevenw@best.com (Steven Weller)”
1995-12-22 (Thu, 21 Dec 95 23:20:20 PST) - Re: ex encrypted script - stevenw@best.com (Steven Weller)