Forum: Ruby Encrypt ruby source code

E13ba8e702211be152c640df2d8e141f?d=identicon&s=25 Joe Black (joe-black)
on 2006-09-26 08:38
Hi all
any one know how to encrypt ruby source code.
regards
7f891fbe8e3bae7f9fe375407ce90d9d?d=identicon&s=25 Harold Hausman (Guest)
on 2006-09-26 08:49
(Received via mailing list)
On 9/26/06, Joe Black <allenbobo@gmail.com> wrote:
> Hi all
> any one know how to encrypt ruby source code.
> regards

How about this?
http://www.rubyquiz.com/quiz34.html

>
> --
> Posted via http://www.ruby-forum.com/.
>

Shocking.

>

hth,
-Harold
4db5dbdedcae4df2feca2f2d93330208?d=identicon&s=25 Paul Lutus (Guest)
on 2006-09-26 08:55
(Received via mailing list)
Joe Black wrote:

> Hi all
> any one know how to encrypt ruby source code.

There are dozens of ways. But after it's encoded, it can't be executed
my
more. What was your actual question?
E13ba8e702211be152c640df2d8e141f?d=identicon&s=25 Joe Black (joe-black)
on 2006-09-26 09:49
I want supply a web app to third party,
but don't want tell them my source code.
what can i do?
any suggestion

regards

Paul Lutus wrote:
> Joe Black wrote:
>
>> Hi all
>> any one know how to encrypt ruby source code.
>
> There are dozens of ways. But after it's encoded, it can't be executed
> my
> more. What was your actual question?
4db5dbdedcae4df2feca2f2d93330208?d=identicon&s=25 Paul Lutus (Guest)
on 2006-09-26 11:16
(Received via mailing list)
Joe Black wrote:

> I want supply a web app to third party,
> but don't want tell them my source code.
> what can i do?

Don't use Ruby. Even if you provide the source encrypted, you have to
unencrypt it for Ruby to execute it, and at that point a hacker could
intervene and examine the plain-text source.

Ruby (as an interpreted language) is simply not meant for this kind of
closed-source, proprietary commercial activity.

One option that comes to mind is a project that converts Ruby source
into an
executable package in native code. Unfortunately, now I cannot find a
reference to it. Maybe someone else can provide a reference.
7f891fbe8e3bae7f9fe375407ce90d9d?d=identicon&s=25 Harold Hausman (Guest)
on 2006-09-26 11:22
(Received via mailing list)
On 9/26/06, Paul Lutus <nospam@nosite.zzz> wrote:
> Joe Black wrote:
>
> > I want supply a web app to third party,
> > but don't want tell them my source code.
> > what can i do?
>

...

>
> One option that comes to mind is a project that converts Ruby source into an
> executable package in native code. Unfortunately, now I cannot find a
> reference to it. Maybe someone else can provide a reference.
>
> --
> Paul Lutus

Paul,

You're likely thinking of RubyScript2Exe:
http://www.erikveen.dds.nl/rubyscript2exe/index.html

Which, while very sweet doesn't necessarily play nicely as a webapp
which the OP mentions his project is.

I really believe that if your app is commercially viable, you're
probably going to be selling it to people that will respect it's
license so just release it under a license that protects you
financially. Or do it in another language that supports you selling
your code to knaves. heh.

-Harold
C44b9eaf3513e7d44e8d9facee92c2fa?d=identicon&s=25 David Roberts (deejay)
on 2006-09-26 11:23
Joe Black wrote:
> Hi all
> any one know how to encrypt ruby source code.
> regards

Some reading:

http://www.erikveen.dds.nl/rubyscript2exe/

http://blog.zenspider.com/archives/zenobfuscate/
4adc88eff7bf918a302b1f52a4a248b3?d=identicon&s=25 Tom Pollard (Guest)
on 2006-09-26 16:51
(Received via mailing list)
On 9/26/06, Paul Lutus <nospam@nosite.zzz> wrote:
>> One option that comes to mind is a project that converts Ruby
>> source into an
>> executable package in native code. Unfortunately, now I cannot find a
>> reference to it. Maybe someone else can provide a reference.

On Sep 26, 2006, at 5:21 AM, Harold Hausman wrote:
> You're likely thinking of RubyScript2Exe:
> http://www.erikveen.dds.nl/rubyscript2exe/index.html

It should be pointed out that this is NOT a compiler.  What I believe
it does is to create an executable archive containing your script,
the ruby executable, and any dependent modules and libraries it needs
to execute your script.  When you run the resulting package, the
archive is unpacked into a temporary directory and the bundled ruby
interpreter is used to execute your script.  There are a number of
similar tools for perl and python that work this way (perlapp, PAR,
perl2exe, py2exe, py2app, ...).


> I really believe that if your app is commercially viable, you're
> probably going to be selling it to people that will respect it's
> license so just release it under a license that protects you
> financially. Or do it in another language that supports you selling
> your code to knaves. heh.

That's really the bottom line, here.  Scripting languages are
inherently open-source.  Big and medium-sized companies have lawyers
who make sure their companies don't put themselves in legal jeopardy
by violating software licensing agreements.


TomP
4feed660d3728526797edeb4f0467384?d=identicon&s=25 Bill Kelly (Guest)
on 2006-09-26 17:19
(Received via mailing list)
From: "Paul Lutus" <nospam@nosite.zzz>
>
> One option that comes to mind is a project that converts Ruby source into an
> executable package in native code. Unfortunately, now I cannot find a
> reference to it. Maybe someone else can provide a reference.

Ruby2CExtension: http://ruby2cext.rubyforge.org/


I haven't tried it yet, myself. . . . But if one's code doesn't
run afoul of any of the limitations,
( http://ruby2cext.rubyforge.org/limitations.html ), then ruby2cext
sounds like a genuine solution to the problem.


Regards,

Bill
B1445f6a5d2b63683c08576bf929571e?d=identicon&s=25 ralf (Guest)
on 2006-09-26 17:21
(Received via mailing list)
Joe Black schrieb:

> Hi all
> any one know how to encrypt ruby source code.
> regards
>

Hi Joe,
encoding you code to protect your intellectual property seems to be a
good thing. But I do not expect it to realy work:
1. Security by obfuscation is surely not the ultimate weapon. You
cannot be sure, that the  obfuscation work. A skilled Hacker can get
the code out of a compiled C- or Java-library.
2. How do you check the integrity of your code? If it's encoded, you
propably need the knowledge of other people, you HAVE to trust. If it's
text, you can do that on your own.
3. Where is the key to decode your app? It propalby lies on the same
machine, where the app should run. this leads to -->>
4. On what OS should your app run? Is it secure enough?
5. Does the company have a policy, what to do while a break-in is
detected? Does they detect that anyway?
.
.
.
N. You cannot be sure, so choose a license, that fits your needs and
distribute exactly what you've coded: text.

best regards
Ralf
F1d37642fdaa1662ff46e4c65731e9ab?d=identicon&s=25 Charles Nutter (headius)
on 2006-09-26 17:27
(Received via mailing list)
On 9/26/06, Tom Pollard <tomp@earthlink.net> wrote:
> That's really the bottom line, here.  Scripting languages are
> inherently open-source.  Big and medium-sized companies have lawyers
> who make sure their companies don't put themselves in legal jeopardy
> by violating software licensing agreements.

I disagree with the open-source assertion. JRuby will soon support
pre-parsing libraries into an intermediate format that's difficult
(but obviously not impossible) to reverse back to code. We're also
working on a compiler to Java bytecode that would make the original
source completely unnecessary and extremely difficult to produce. It's
all in your definition of "open" of course, but there's perfectly
valid cases for providing compiled dynamic-language applications
without loose source files.
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.