Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!feeder.news-service.com!xlned.com!feeder5.xlned.com!newsfeed.xs4all.nl!newsfeed6.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail
Return-Path: <debatem1@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.050
X-Spam-Evidence: '*H*': 0.90; '*S*': 0.00; 'sun,': 0.09; 'pm,': 0.11; 'wrote:': 0.14; 'subject:python': 0.15; 'hello:': 0.16; 'subject:distribution': 0.16; 'traffic,': 0.16; 'thanks,': 0.17; 'code.': 0.18; 'large,': 0.19; 'source.': 0.19; 'cc:no real name:2**0': 0.20; 'cc:2**0': 0.20; 'code,': 0.20; '(or': 0.22; 'code': 0.22; 'header:In-Reply-To:1': 0.22; 'cc:addr:python-list': 0.22; 'subject:code': 0.23; 'message-id:@mail.gmail.com': 0.28; 'thanks': 0.29; 'closing': 0.29; 'server': 0.29; 'cc:addr:python.org': 0.31; 'does': 0.31; 'it.': 0.31; 'standards': 0.31; 'project': 0.32; 'source': 0.32; 'idea': 0.32; 'someone': 0.33; 'fairly': 0.33; 'test': 0.33; 'using': 0.34; 'there': 0.35; 'couple': 0.35; 'open': 0.35; 'some': 0.37; 'received:209.85': 0.37; 'received:google.com': 0.38; 'but': 0.38; 'pretty': 0.38; 'to.': 0.39; 'end': 0.39; 'received:209': 0.39; 'solution': 0.40; 'would': 0.40; 'header:Received:5': 0.40; '2011': 0.62; 'secure': 0.62; 'play': 0.64; 'here': 0.65; 'received:209.85.216.181': 0.68; 'received:mail- qy0-f181.google.com': 0.68; 'online': 0.70; 'ideas.': 0.73; 'gain': 0.80; 'surface': 0.91
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=vvcQVIsf+29qKfjD9YP2WPZXkR2rxc50qIwxL5uLL8g=; b=etjIIEwLMcxGpiW8Vv3d8Zw2lo4crQ324xmHj4OxEY1LPowhY0miHI+Uq2YIG+UA90 LZXcNGq3v81wYGirdbtvf64IsCiE5ceHC6yGOIhsqOv3rP+j64xzIqAAgw9lD8Ew8ZF5 bhhVPSeCZNWJS/yNYFuaHwHsnuS/2NAuL7ND4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=PYwzMthV7A7RUnVNU8/hHq4aA/FnyHKOdD4+tyyYpVFagB/vyGpypST02gVgYZkjb+ ZELXvi3w6rkl339i6rrAndtAv5KXVvUy8snfb+c9EKbMLNtQFQ4OGQX9QGpmELaai4v8 AzNqTisFINX0Cv40u/1hUCNQ4S5lM8ErPtSAw=
MIME-Version: 1.0
In-Reply-To: <4DD0B903.4090109@tysdomain.com>
References: <mailman.1609.1305511928.9059.python-list@python.org> <87boz3gw5u.fsf@benfinney.id.au> <mailman.1614.1305517027.9059.python-list@python.org> <4dd0a1fc$0$29983$c3e8da3$5496439d@news.astraweb.com> <BANLkTin8JUYbSCOvCHvXYt+LYZMn1Th1tA@mail.gmail.com> <4DD0B903.4090109@tysdomain.com>
Date: Mon, 16 May 2011 00:27:44 -0700
Subject: Re: obviscating python code for distribution
From: geremy condra <debatem1@gmail.com>
To: tyler@tysdomain.com
Content-Type: text/plain; charset=ISO-8859-1
Cc: python-list@python.org
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.1631.1305530867.9059.python-list@python.org>
Lines: 24
NNTP-Posting-Host: 82.94.164.166
X-Trace: 1305530867 news.xs4all.nl 81483 [::ffff:82.94.164.166]:50090
X-Complaints-To: abuse@xs4all.nl
Xref: x330-a1.tempe.blueboxinc.net comp.lang.python:5495

On Sun, May 15, 2011 at 10:41 PM, Littlefield, Tyler
<tyler@tysdomain.com> wrote:
> Hello:
> Thanks all for your information and ideas. I like the idea of open source; I
> have a fairly large (or large, by my standards anyway) project that I am
> working on that is open source.
>
> Here's kind of what I want to prevent. I want to write a multi-player online
> game; everyone will essentually end up connecting to my server to play the
> game. I don't really like the idea of security through obscurity, but I
> wanted to prevent a couple of problems.
> 1) First I want to prevent people from hacking at the code, then using my
> server as a test for their new setups. I do not want someone to gain some
> extra advantage just by editing the code.
> Is there some other solution to this, short of closed-source?
> Thanks,

I don't know that closing the source does you much more good than
obfuscating it. The obvious attack surface here is pretty much totally
exposed via network traffic, which any legitimate client can gain
access to. A better approach would be to simply write more secure code
in the first place.

Geremy Condra