Asp Forum - Encryption for Executables? - microsoft.public.vb.general.discussion

David Kaye

6/1/2011 6:13:00 PM

Does anybody have a recommendation (that is EXPERIENCE) with a low-cost or
no-cost encryption or compression program to encrypt an executable? I want
to make it hard for someone to decompile a program I've worked many years
creating.

Thanks.

22 Answers

dpb

6/1/2011 6:42:00 PM

On 6/1/2011 1:12 PM, David Kaye wrote:
> Does anybody have a recommendation (that is EXPERIENCE) with a low-cost or
> no-cost encryption or compression program to encrypt an executable? I want
> to make it hard for someone to decompile a program I've worked many years
> creating.
....

The chances of somebody getting anything useful out of a decompilation
of an executable is at least approaching vanishingly small.

--

David Kerber

6/1/2011 7:52:00 PM

[This followup was posted to microsoft.public.vb.general.discussion and
a copy was sent to the cited author.]

In article <is615m$gbr$1@speranza.aioe.org>, none@non.net says...
>
> On 6/1/2011 1:12 PM, David Kaye wrote:
> > Does anybody have a recommendation (that is EXPERIENCE) with a low-cost or
> > no-cost encryption or compression program to encrypt an executable? I want
> > to make it hard for someone to decompile a program I've worked many years
> > creating.
> ...
>
> The chances of somebody getting anything useful out of a decompilation
> of an executable is at least approaching vanishingly small.

Especially if it's VB classic (which I assume it is).

Jeff Johnson [MVP: VB]

6/1/2011 8:36:00 PM

"David Kaye" <sfdavidkaye2@yahoo.com> wrote in message
news:is60uh$k9j$1@dont-email.me...

> Does anybody have a recommendation (that is EXPERIENCE) with a low-cost or
> no-cost encryption or compression program to encrypt an executable? I
> want to make it hard for someone to decompile a program I've worked many
> years creating.

If your stuff is actually so valuable you feel the need to encrypt it then
it will be valuable enough for someone to bypass your encryption.

David Kaye

6/1/2011 9:28:00 PM

"David Kerber" <dkerber@WarrenRogersAssociates.invalid> wrote

>
> Especially if it's VB classic (which I assume it is).

VB 6.0 Enterprise or whatever the version with all the bells and whistles is
called.

David Kaye

6/1/2011 9:32:00 PM

"Jeff Johnson" <i.get@enough.spam> wrote

> If your stuff is actually so valuable you feel the need to encrypt it then
> it will be valuable enough for someone to bypass your encryption.

It's for an untouched niche market (yes I really found one), and as
developers discover this market right in front of their noses I suspect that
they're going to want to my efforts. Normally I wouldn't care, but a lot of
work -- coding, interviewing prospective customers, tweaking, refinement,
and testing in real-world situations -- has gone into this project.

I'm sure that the look and feel would be imitated, but the underlying code
has some very unique aspects that I'd like to be able to protect as much as
possible.

Maybe I don't need to worry...I don't know...

Tony Toews

6/1/2011 10:29:00 PM

Anton

6/1/2011 10:40:00 PM

David Kaye wrote on 2011/06/01 :
> Does anybody have a recommendation (that is EXPERIENCE) with a low-cost or
> no-cost encryption or compression program to encrypt an executable? I want
> to make it hard for someone to decompile a program I've worked many years
> creating.

> Thanks.

I wrote my own Crypt/Decrypt. It uses MS Encryption APIs in some very
unique ways that I cannot tell you about. But if you think about it,
you too can do something similar by thinking outside the box.

So how would the user decrypt?
Built in to the installer?
Separate decryptor?
?

ralph

6/2/2011 1:13:00 AM

On Wed, 1 Jun 2011 11:12:36 -0700, "David Kaye"
<sfdavidkaye2@yahoo.com> wrote:

>Does anybody have a recommendation (that is EXPERIENCE) with a low-cost or
>no-cost encryption or compression program to encrypt an executable? I want
>to make it hard for someone to decompile a program I've worked many years
>creating.
>
>

Some random remarks... <g>

1) If a VB Application is compiled to Native Code using no-debug and
optimizing options there is literally no way to 'de-compile' the
application back to the original 'VB Code'.

[That and what follows is essentially true for any Windows
Applications regardless of the development platform.]

2) There are, however, many ways to reverse-engineer or ferret out
intellectual information from a compiled application. The ability to
do so depends solely on the skill, interest, and stubbornness of the
attacker.

Applications that use a particular 'Framework' such as VB's VB
Runtime, or VC's ATL or MFC can more easily be segmented into 'known'
blocks. For example, with VB it is possible to 'reconstruct' Forms,
Controls, Resources, and Classes.

With common libraries, such as ADO, no attempt is made to de-compile.
All that is needed is to identify the input and outputs.

User Controls can be simply 'stolen' and reused. (A more difficult
task.)

Algorithms can be 'reconstructed' to a degree. Depends on the over all
structure, how self-contained, the inputs, outputs, etc.

Most attackers will not attempt to 'back-track' or reconstruct all or
most of the original code whether Pascal, Delphi, C, C++, or VB - what
they will do is get blocks, functions, or objects back to some kind of
C or Assembly which they can manipulate and re-used in another project
based on one of those platforms. Once again it is not necessarily to
fully de-compile or re-engineer an application to steal intellectual
property.

-ralph

ralph

6/2/2011 2:33:00 AM

MikeD

6/2/2011 2:53:00 AM

"David Kaye" <sfdavidkaye2@yahoo.com> wrote in message
news:is6b3k$s8f$1@dont-email.me...
> "Jeff Johnson" <i.get@enough.spam> wrote
>
>> If your stuff is actually so valuable you feel the need to encrypt it
>> then it will be valuable enough for someone to bypass your encryption.
>
> It's for an untouched niche market (yes I really found one), and as
> developers discover this market right in front of their noses I suspect
> that they're going to want to my efforts. Normally I wouldn't care, but a
> lot of work -- coding, interviewing prospective customers, tweaking,
> refinement, and testing in real-world situations -- has gone into this
> project.
>
> I'm sure that the look and feel would be imitated, but the underlying code
> has some very unique aspects that I'd like to be able to protect as much
> as possible.
>
> Maybe I don't need to worry...I don't know...

I'm not saying you couldn't have found one of the rare and untouched niche
markets, but that's really irrelevant. The fact is, IF it's untouched and
other people THINK it could be profitable, the simple fact of your app being
out there (enlightening other developers, so to speak) could drive
development of it. Anybody that wanted to get into that same market isn't
likely to be interested in your actual code. Therefore, your concerns are
completely backwards. It's the UI that anybody can copy easily because,
obviously, that's what people see when they run your program. The code
itself, you really don't need to worry too much about. As Jeff said, if
somebody really wanted to decompile your code, they'd find a way regardless
of what you do.

If you REALLY think you've got something that you're first in, then you need
to apply for a patent, and have that awarded, BEFORE you release your app.
What you need to protect is your idea, not your program's code. Now whether
a patent can do that fully, I don't know. A combination of a patent and
officially copyrighting your code might not be a bad idea IF you really,
truly think you've got something that NOBODY else has EVER thought of (sorry
if I sound just a bit skeptical).

--
Mike

microsoft.public.vb.general.discussion

Encryption for Executables?

David Kaye

dpb

David Kerber

Jeff Johnson [MVP: VB]

David Kaye

David Kaye

Tony Toews

Anton

ralph

ralph

MikeD

x Login to ForumsZone