Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
How to protect my VFP 6 software from DECOMPILATION
Message
 
 
To
28/05/2001 19:01:25
Gerry Schmitz
GHS Automation Inc.
Calgary, Alberta, Canada
General information
Forum:
Visual FoxPro
Category:
Third party products
Miscellaneous
Thread ID:
00511877
Message ID:
00512041
Views:
18
>I take exception with MS's cavalier attitude that "it's not an issue".

That's not exactly what I said. I said that I don't think there's anything Microsoft need to do on our part.

> With decompilers aimed at C, VB, Delphi and the like, the resulting code is still pretty obscure, mainly due to a lack of "names"; not so with VFP.

So it's not cut-and-paste code; whatever. What one is usually after are the algorithms, not code you can paste directly into an editor. Any number of today's reverse engineering tools will get you at least that far, and some of the Delphi decompilers will get you just shy of cut-and-paste code.

>Visual dBase seems to be relatively secure compared to VFP;

How so? Is it truly more secure, or is the user base so small that no one bothered to write the equivalent of ReFox for dBase? If it compiles to genuine machine code, you could be right. If it's tokenized, it may still be easy to crack.

> MS doesn't even have the will to "try".

Considering that this is the first time I've heard anyone make a big deal out of not having native strong encryption, I don't think it's a question of whether or not Microsoft wants to implement it.

>Even if you buy ReFox to "brand" your code, you have to buy a "new" copy with each new release of VFP due to compatibility issues (not cheap).

The cost of ReFox was about four hours of billable time for me. Hey, I feel for the "little guy", I used to be one, but to me it was just the cost of doing business.

>I can't see why MS cannot "tweek" the encryption process so that at least it isn't so easy for ReFox to stay "current".

Oh, it could be arranged such that we lock out decompilers completely (well, not quite, obviously). Personally, I'd like the ReFox folks to stay in business.

Besides, I can't tell you how many clients I've bailed out with ReFox. From a consultant point of view, I'm not sure I'd want Microsoft to change the encryption. There are just too many clients out there w/o source code, and the original developer is no longer around, got hit by a bus, or whatever.

I'm open to arguments about why this should change, but you'll have a tough sell on your hands. Sure, there are lots of arguments on the pro side, but there's a lot of downside, too.
Mike Stewart
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform