Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #5708

Re: obviscating python code for distribution

Path csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!aioe.org!feeder.news-service.com!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path <debatem1@gmail.com>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.015
X-Spam-Evidence '*H*': 0.97; '*S*': 0.00; 'debug': 0.03; 'wed,': 0.03; '+0100,': 0.07; 'either.': 0.09; 'teams,': 0.09; 'am,': 0.14; 'wrote:': 0.14; 'subject:python': 0.14; 'library': 0.15; 'developer': 0.15; "doesn't.": 0.16; 'hackers': 0.16; 'hans': 0.16; 'mounting': 0.16; 'obviously,': 0.16; 'risk,': 0.16; 'subject:distribution': 0.16; '\xa0to': 0.16; 'cc:addr:python- list': 0.17; 'mon,': 0.17; 'header:In-Reply-To:1': 0.21; 'cc:2**0': 0.22; 'maybe': 0.23; 'cc:no real name:2**0': 0.23; 'received:209.85.210.174': 0.23; 'received:mail- iy0-f174.google.com': 0.23; 'subject:code': 0.23; 'code': 0.24; 'windows': 0.26; 'script': 0.27; "i'm": 0.27; 'message- id:@mail.gmail.com': 0.28; "won't": 0.30; 'cc:addr:python.org': 0.30; 'it.': 0.31; 'full-time': 0.31; 'player': 0.31; 'shared': 0.32; 'source': 0.34; 'there': 0.35; 'closely': 0.35; 'quite': 0.36; 'received:google.com': 0.37; 'something': 0.37; 'received:209.85': 0.37; 'floating': 0.37; 'security.': 0.37; 'model': 0.37; 'but': 0.38; 'subject:: ': 0.38; 'some': 0.38; 'trouble': 0.39; 'should': 0.39; 'received:209': 0.39; 'system.': 0.39; 'absolute': 0.40; 'best': 0.60; 'your': 0.60; 'secure': 0.63; 'adobe': 0.63; 'dedicated': 0.65; 'cost': 0.65; 'kept': 0.67; 'flash': 0.72; 'imagine': 0.72; 'obfuscation,': 0.84; 'philosophy,': 0.84; 'targeting': 0.84; 'risk.': 0.91; 'acrobat': 0.93; 'increases': 0.93; 'malware': 0.93
DKIM-Signature v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=y89CnHlBkm1LyRYZBHpD5OUYDcP7S0H2HUbZLId44bI=; b=Knk0KnJK1vYTf9Tz1COWRZJcWxbxTrxF6xUGFZQNqTnkjugW7Wg2k0UcPQG+i0R6Gy vIrAtPqd2MzChYRL6IBaNoywJDM2xIvoP8vdHPcPQm2U0/xNOfVT5SVfGWweRkWa+EzD c9gGGTqNlLptPo6GBBtmrtWdx18JGOCPKFdvI=
DomainKey-Signature a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=aR3WHypspLXP044wl34a5sdonHgQfsPK8CnvttkIgO2ZcMK33/FWK6MLuwTQkBwNnf TIVZK30Hg4yn+rC9+cfB4/vWZgMg2z4fELtoziyugvm1BZl+ZT/Ea9AlG3Yvem2ZZcm4 LLLICtJUUL+l9gnXtHz7l+2TRP8sFiFsOiTKg=
MIME-Version 1.0
In-Reply-To <5h9ca8-ekq.ln1@svn.schaathun.net>
References <4DD08620.4030507@tysdomain.com> <mailman.1611.1305512463.9059.python-list@python.org> <op.vvlipenoa8ncjz@gnudebst> <5h9ca8-ekq.ln1@svn.schaathun.net>
Date Wed, 18 May 2011 09:54:30 -0700
Subject Re: obviscating python code for distribution
From geremy condra <debatem1@gmail.com>
To Hans Georg Schaathun <hg@schaathun.net>
Content-Type text/plain; charset=ISO-8859-1
Content-Transfer-Encoding quoted-printable
Cc python-list@python.org
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.12
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups comp.lang.python
Message-ID <mailman.1757.1305737674.9059.python-list@python.org> (permalink)
Lines 37
NNTP-Posting-Host 82.94.164.166
X-Trace 1305737674 news.xs4all.nl 49045 [::ffff:82.94.164.166]:40224
X-Complaints-To abuse@xs4all.nl
Xref x330-a1.tempe.blueboxinc.net comp.lang.python:5708

Show key headers only | View raw

On Wed, May 18, 2011 at 12:36 AM, Hans Georg Schaathun <hg@schaathun.net> wrote:
> On Mon, 16 May 2011 23:42:40 +0100, Rhodri James
>  <rhodri@wildebst.demon.co.uk> wrote:
> :  ...which is, of course, not exactly secure either.  A sufficiently
> :  determined hacker won't have much trouble disassembling a shared library
> :  even if you do strip out all the debug information.  By chance I'm having
> :  to do something closely related to this at work just at the moment; it's
> :  hard, but far from impossible.
>
> But then, nothing is secure in any absolute sense.

If you're talking security and not philosophy, there is such a thing
as a secure system. As a developer you should aim for it.

> The best you can
> do with all your security efforts is to manage risk.  Since obfuscation
> increases the cost of mounting an attack, it also reduces risk,
> and thereby provides some level of security.

The on-the-ground reality is that it doesn't. Lack of access to the
source code has not kept windows or adobe acrobat or flash player
secure, and they have large full-time security teams, and as you might
imagine from the amount of malware floating around targeting those
systems there are a lot of people who have these skills in spades.

> Obviously, if your threat sources are dedicated hackers or maybe MI5,
> there is no point bothering with obfuscation, but if your threat source
> is script kiddies, then it might be quite effective.

On the theory that any attack model without an adversary is
automatically secure?

Geremy Condra

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

Re: obviscating python code for distribution Daniel Kluev <dan.kluev@gmail.com> - 2011-05-16 13:21 +1100
  Re: obviscating python code for distribution "Rhodri James" <rhodri@wildebst.demon.co.uk> - 2011-05-16 23:42 +0100
    Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 08:36 +0100
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 17:42 +0300
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 09:54 -0700
        Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 18:33 +0100
          Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 12:07 -0700
            Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-18 20:56 +0100
              Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:34 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 06:21 +0100
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-19 08:47 +0000
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 10:16 +0100
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:23 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-19 19:23 +0100
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 17:56 -0700
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 05:48 +0100
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:04 +0000
                Re: obviscating python code for distribution Hans Georg Schaathun <hg@schaathun.net> - 2011-05-20 09:54 +0100
                Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 15:24 -0500
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 15:45 -0700
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-21 00:54 +0000
                Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 23:26 -0500
                Re: obviscating python code for distribution Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2011-05-20 07:10 +0000
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-20 09:26 -0700
                Re: obviscating python code for distribution Nobody <nobody@nowhere.com> - 2011-05-20 18:48 +0100
                Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 11:33 +1000
                Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 19:30 -0700
                Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-20 12:35 +1000
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:24 +1000
        Re: obviscating python code for distribution John Bokma <john@castleamber.com> - 2011-05-18 12:31 -0500
          Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 03:52 +1000
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 10:40 -0700
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:07 +1000
      Re: obviscating python code for distribution "Littlefield, Tyler" <tyler@tysdomain.com> - 2011-05-18 12:26 -0600
        Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-18 21:54 -0500
          Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-19 10:50 -0700
            Re: obviscating python code for distribution harrismh777 <harrismh777@charter.net> - 2011-05-20 01:17 -0500
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:30 +0300
      Re: obviscating python code for distribution Dotan Cohen <dotancohen@gmail.com> - 2011-05-18 21:31 +0300
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:37 +1000
      Re: obviscating python code for distribution Chris Angelico <rosuav@gmail.com> - 2011-05-19 04:49 +1000
      Re: obviscating python code for distribution geremy condra <debatem1@gmail.com> - 2011-05-18 14:47 -0700

csiph-web