Path: csiph.com!usenet.pasdenom.info!weretis.net!feeder1.news.weretis.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed4.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <rosuav@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.025
X-Spam-Evidence: '*H*': 0.95; '*S*': 0.00; 'binary': 0.07; 'extent': 0.07; 'matches': 0.07; 'notice,': 0.07; 'subject:code': 0.07; 'security.': 0.09; 'wrong,': 0.09; 'cc:addr:python-list': 0.11; 'python': 0.11; 'jan': 0.12; "wouldn't": 0.14; '"calling': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'losing': 0.16; 'subject:possible': 0.16; 'subject:python': 0.16; 'wrote:': 0.18; 'code.': 0.18; 'server,': 0.19; 'machine': 0.22; 'code,': 0.22; 'cc:addr:python.org': 0.22; 'install': 0.23; 'adds': 0.24; 'convenient': 0.24; 'subject: .': 0.24; 'cc:2**0': 0.24; "i've": 0.25; 'source': 0.25; 'compiled': 0.26; 'distribute': 0.26; 'header:In-Reply-To:1': 0.27; 'rest': 0.29; 'am,': 0.29; 'message-id:@mail.gmail.com': 0.30; 'work.': 0.31; 'code': 0.31; 'that.': 0.31; 'usually': 0.31; 'fighting': 0.31; 'fri,': 0.33; 'done.': 0.35; 'received:google.com': 0.35; 'version': 0.36; 'done': 0.36; 'possible': 0.36; 'subject:?': 0.36; 'effort': 0.37; 'too': 0.37; 'checks': 0.38; 'does': 0.39; 'legitimate': 0.39; 'sure': 0.39; 'users': 0.40; 'how': 0.40; 'even': 0.60; 'first': 0.61; 'offer': 0.62; 'making': 0.63; 'real': 0.63; 'day.': 0.63; 'more': 0.64; 'within': 0.65; 'between': 0.67; 'periodically': 0.68; 'sam': 0.68; 'guaranteed': 0.75; 'protect': 0.79; 'battle.': 0.84; 'compiling': 0.84; 'etc,': 0.84; 'off,': 0.84; 'purchasers': 0.84; 'rip': 0.84; 'subject:source': 0.84; 'world?': 0.84; 'to:none': 0.92
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=WIan1KOjw+Pi2dW5ESvNPfN4w8JZetchK8xKNhj31GA=; b=a+OY2zY2QGqlCRnUGOmGTDCfe54WeaYQdIx8QbhTHHK6VL7572tFDYj3sjh7X5DPvC viXJnjPXJBUQEZ8qthGsxEx42ZiyG+XT4CBZQorWQcXFTlcuMYNo3+3/G8p5E2RZQVUH lhrVOdpoIp15TQ5HGWySR1mvPGtb2evSN+o+UhjlDrGFWJSdjF78IM42wEisMCEnOWOU HFjWZmM2s8XR5swz66SSn/1vQwn9pS8O9VcfrrCAuIfG6jtwJJY0TpbILtNyxZ3s6ljF tRpGXTlXfYne9MVW5bYMKCW60avHRoHfr8siC5ylizpmwoUw3daSarXR11tS/sK4evdD AmVQ==
MIME-Version: 1.0
X-Received: by 10.66.102.39 with SMTP id fl7mr13390275pab.43.1389920992050; Thu, 16 Jan 2014 17:09:52 -0800 (PST)
In-Reply-To: <7bf45fc1-e1c4-44f2-812c-e11ffa2c8ef3@googlegroups.com>
References: <7bf45fc1-e1c4-44f2-812c-e11ffa2c8ef3@googlegroups.com>
Date: Fri, 17 Jan 2014 12:09:51 +1100
Subject: Re: Is it possible to protect python source code by compiling it to .pyc or .pyo?
From: Chris Angelico <rosuav@gmail.com>
Cc: "python-list@python.org" <python-list@python.org>
Content-Type: text/plain; charset=UTF-8
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.5616.1389920994.18130.python-list@python.org>
Lines: 33
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1389920994 news.xs4all.nl 2911 [2001:888:2000:d::a6]:46783
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:64127

On Fri, Jan 17, 2014 at 11:58 AM, Sam <lightaiyee@gmail.com> wrote:
> I would like to protect my python source code. It need not be foolproof as long as it adds inconvenience to pirates.
>
> Is it possible to protect python source code by compiling it to .pyc or .pyo? Does .pyo offer better protection?
>

The only difference between pyo and pyc is that the former is with
optimization done. And neither of them offers any real security.

Even if you compiled it down to machine code, you wouldn't do much to
deter pirates. All you'd do is make it so they have to take your code
as a whole instead of piece-meal.

Fighting against piracy using technology is pretty much guaranteed to
be a losing battle. How much time and effort can you put in, versus
the whole rest of the world? And how much harassment will you permit
on your legitimate users in order to slow down a few who want to rip
you off? I've seen some programs - usually games - that put lots and
lots of checks in (checksumming the program periodically and crashing
if it's wrong, "calling home" and making sure the cryptographic hash
of the binary matches what's on the server, etc, etc)... and they
still get cracked within the first day. And then legitimate purchasers
like me have to deal with the stupidities (single-player games calling
home??), to the extent that it's actually more convenient to buy the
game and then install a cracked version from a torrent, than to
install the version you bought. And there's one particular game where
I've done exactly that. It's just way too much fiddliness to try to
make the legit version work.

Distribute your code with a copyright notice, accept that a few people
will rip you off, and have done with it.

ChrisA