> Xitech (foxfix/refox people) have this already -- I've tested it; works
> faster, requires no external DLL's, and does not use .ZIP file style stuff..

Josh, do you mean the Cryptor thingy? Even if you use that you have to think about the problem in general terms first.

Let's say you decide to use a small app as a loader program that initializes Cryptor and then executes the Cryptorized APP file that contains your real application ... What will your dishonest users do? They decompile the loader applet to find the password, get Cryptor from Xitech and decrypt your app.

Even if they could not decompile the stub - like if you wrote it C++ or another language that compiles to machine code - they would simply use a debugger to set a breakpoint on that function of the Cryptor library that the password is passed to ... IOW, they would not even have to bother with tracing through the machine code.

There is no secret in this setup (not even decent amounts of obscurity!), so there is no secrecy.