I am trying to implement my application in my client place and the
application is developed in Ruby on Rails.
Since I am going to deploy on their premise I wish to make the code as
encrypted can be compiled but not be able to view, use or copy.
How can I do that using open-source tools.
On Friday, 27 June 2014 22:09:09 UTC-5, Sheyam S. wrote:
I am trying to implement my application in my client place and the
application is developed in Ruby on Rails.Since I am going to deploy on their premise I wish to make the code as
encrypted can be compiled but not be able to view, use or copy.How can I do that using open-source tools.
You can’t do that with ANY tools. Even “Ruby Encoder” can be reversed to
regenerate source code, as can alternative approaches (using Jruby and
compiling to .class files, etc). Even compiled machine code can be
reversed back into C:
If they can execute the code, they can reassemble it. You’re trying to
protect code by putting a lock on it and then GIVING THEM THE KEY.
Ultimately, it’s a question of effort: you can make extracting source
more
difficult, but never impossible.
Also, this is an enormous red flag (from Ruby Encoder’s FAQ):
“Some of our techniques, for obvious reasons, are not documented outside
of
our core team and this is to provide a hightened level of protection for
the Ruby or Ruby on Rails scripts.”
A basic rule of security: if somebody’s promising that their SUPER
SEKRIT
ALGORITHMS can do something impossible, watch out.
Take the $199 and spend it on getting a good lawyer to write up a
contract
that specifies strong penalties for stealing source - but realize that
enforcing such a contract will cost even more money.
–Matt J.
Will the application be living on your hardware or your client’s? If
it’s
your hardware, I suppose there isn’t much to it. Set up the server and
retain root/admin access.
If you’re in a situation where you must deploy on the client’s hardware,
I
think your best bet is to establish a VM guest with your application.
Set
it up as if it were your own hardware (retain root/admin access) and
configure the VM guest to talk to your client’s network.
Your client will still have access to the machine, so if they wanted to
invest the time they could probably get at your application (in both
cases
I would use FDE). In this case at least they have to put some effort
into
it.
This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.
Sponsor our Newsletter | Privacy Policy | Terms of Service | Remote Ruby Jobs