>>>That is exactly what I said. EXE Packers will load into memory fully, but by default regular VFP exes do not.
>
>Apart from commercial exe packers like Armadillo, IME VFP protection schemes like Refox and the earlier Konxise also decompress into memory. Refox can reduce a >20MB exe to 4MB or less depending on content, which helps to mitigate any perceived overhead from downloading it all at once.

Not sure about that. I've use konxise before, but nor refox . I've not done a throurough analysis of the network trafic on those two.

>If people are deploying vanilla exes anticipating performance benefits running over a WAN or LAN, IMHO it's worth regularly checking the effect of Refox or VFP Compiler. Performance is one thing, but hacker proofing is increasingly relevant IMHO.

>This month, regional hospital systems in Ireland and New Zealand were struck by hackers demanding millions of $ ransom and taking entire IT systems down for over a week and counting in the NZ case. In reaction, app security audits are being widely promoted as the up and coming Y2K-style bonanza for consulting firms so that IMHO it's worth protecting asap to avoid any risk of fail assessment. JMHO.

Protecting your intellectual property and protecting your systems from ransomware are two separate things, not to be confused with each other. I won't give a hoot about protecting our source code. That is not on which we make our money. Ransomware is a total different matter though.