NYCPHP Meetup

NYPHP.org

[nycphp-talk] testers wanted - phpguardian.com

Kyle Tuskey ktuskey at exostream.com
Wed Jun 19 23:50:12 EDT 2002 

Charles,

I don't respond to people who are narrow minded and need to curse to
make a point.  Protecting code is a valid practice.  I'm sorry you don't
agree, but please don't bring it to an infantile level. Thanks.

Kyle




-----Original Message-----
From: charles at softwareprototypes.com
[mailto:charles at softwareprototypes.com] 
Sent: Wednesday, June 19, 2002 11:43 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] testers wanted - phpguardian.com

Kyle, at the risk of lacking subtility,

if I loosed some extremely sophisticated search engines (and I've
written AI code and articles for AI Expert) on the intenet on a
hundred PCs and let those search enines run for a year, do you thing
I could find a SINGLE fuckin' competitor of yours who'd even want to
see your fuckin' code? Really now.

You're just fuckin' your clients over and fooling yourself. Try it
with a free-ware, GPLed release of the previous version of your
product and you'll be disgusted at the complete and utter lack of
interest EXCEPT by your existing client base, maybe, if you're lucky.

Code obfuscation is pointless and you'd be surprised how it HURTS you
and HELPS your competitors since they have to reverse engineer with a
clever way of doing what they see your code doing without your own
prejudices. 

They probably come up with shit you never thought of. Much more
clever than anything you came up with in the first place. (I made a
MISTAKE reverse engineering an expert system inference engine and
ended up with a complete enterprise modeling engine which then went
nowhere because the managers of the firm were great real-estate sales
men but couldn't manage an MIS project at gun point. Utter
dick-heads.)

Obfuscation is a mechanical process and if YOU can obfuscate it, it
can be UN-obfuscated almost as fast as you can muddy the waters.
(there were viri written for M$ XL BEFORE XL was even available on
CD-ROM.) And by ditching the variable and function names, (unless the
DDE/OLE maps are available,) the un-obfuscation gets rid of your own
internal slants and just shows things as they really are.

Stop with the code obfuscation BS.

The business and the money is NOT in the product but in the process
of building the product. HOW your company got the product spec in the
first place is much more important than the product to because life
is a moving target and whatever you deliver TODAY is obsolete before
you even deliver it.

Obfuscation is for long-term losers. phpguardian is a sham, a waste
of time and money and utterly counter-productive. AND NOBODY needs it.

-Ch-A.

> From: "Kyle Tuskey" <ktuskey at exostream.com>
> Organization: New York PHP
> Reply-To: talk at nyphp.org
> Date: Wed, 19 Jun 2002 19:55:06 -0400
> To: NYPHP Talk <talk at nyphp.org>
> Subject: RE: [nycphp-talk] testers wanted - phpguardian.com
> 
> I don't necessarily think this product is amazing, but I think
saying
> that code obfuscation isn't needed because "it isn't open source
> friendly" is a bold statement.  Some of us develop commercial
> redistributable software that needs obfuscation to protect the
code.  It
> is also a valuable tool for certain contracting circumstances.  I do
> feel that the zend encoder is the best obfuscator on the market, but
> then again I'm jaded since I know zeev and support his company.
> 
> 
> -- Kyle
> 
> 
> 
> -----Original Message-----
> From: charles at softwareprototypes.com
> [mailto:charles at softwareprototypes.com] 
> Sent: Wednesday, June 19, 2002 2:00 PM
> To: NYPHP Talk
> Subject: Re: [nycphp-talk] testers wanted - phpguardian.com
> 
> uh, php runs on the server side. It never gets off of the server
> because that's pointless.
> 
> Just who are we shielding the code from exactly? 
> 
> - Ourselves? Get real.
> - The "competition"? It entirely defeats the purpose and spirit of
> open source. 
> - "Crackers?" They just stress test your back-up and recovery
> procedures. 
> 
> Use CVS or SourceSafe or some other file versioning system and put
> checked-out copies of the the files in a tree under a shared
> directory or under the various home directories.
> 
> This abomination entirely defeats the purpose and spirit of open
> source. I say ignore it. If you're really in a snit, boycott it.
> 
> Its a __bad__ idea. ON par with charging for your OS.
> 
> -Ch-A.
> 
>> From: Hans Zaunere <zaunere at yahoo.com>
>> Organization: New York PHP
>> Reply-To: talk at nyphp.org
>> Date: Wed, 19 Jun 2002 10:29:14 -0400
>> To: NYPHP Talk <talk at nyphp.org>
>> Subject: [nycphp-talk] testers wanted - phpguardian.com
>> 
>> 
>> There's been some talk lately of source protection.  This package
> looks
>> very nice after a quick glance.
>> 
>>> From: "ade_inovica" <mrwowza at hotmail.com>
>>> 
>>> Hi there
>>> 
>>> We're just about ready to release an application called
> phpguardian -
>>> an application which will protect php source code.  We are really 
>>> keen to get some people to try it, so if anyone is interested, 
>>> please visit http://www.phpguardian.com and go to the download
link
>>> 
>>> All the best to everyone!
>>> 
>>> Ade
>> 
>> 
>> __________________________________________________
>> Do You Yahoo!?
>> Yahoo! - Official partner of 2002 FIFA World Cup
>> http://fifaworldcup.yahoo.com
>> 
> 
> 
> 
> 
>

More information about the talk mailing list