From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: weis Received: (from weis@localhost) by pauillac.inria.fr (8.7.6/8.7.3) id WAA27718 for caml-red; Thu, 8 Jun 2000 22:26:34 +0200 (MET DST) Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id XAA14081 for ; Wed, 7 Jun 2000 23:41:50 +0200 (MET DST) Received: from vector.intergate.ca (vector.intergate.ca [207.34.179.20]) by nez-perce.inria.fr (8.10.0/8.10.0) with ESMTP id e57LfmL29039 for ; Wed, 7 Jun 2000 23:41:49 +0200 (MET DST) Received: from machiavelli (pm46s25.intergate.bc.ca [209.52.160.188]) by vector.intergate.ca (8.9.3/8.9.3) with SMTP id OAA12141 for ; Wed, 7 Jun 2000 14:41:27 -0700 (PDT) Message-ID: <003a01bfd0c9$9f1d1370$67adc2cf@machiavelli> From: "Michael Donat" To: Subject: Re: Reverse-Engineering Bytecode: A Possible Commercial Objection To O'Caml Date: Wed, 7 Jun 2000 14:41:27 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: weis >How can companies protect their bytecode, at least their modules, from reverse >engineering? I believe that if someone has the desire to reverse engineer OCaml bytecode someone will also have these other capabilities: 1) Be able to reverse engineer native code. 2) Be able to run the OCaml bytecode system in a debugger, stop after your bytecode was decrypted, and reverse engineer it from there. I don't see a benefit in having an OCaml module encryption system. If you want to encrypt important portions of your app, you might consider producing your own bytecode system. The main benefit of this approach is that your bytecode is private, thus dramatically intensifying the effort required to reverse engineer. I think this would be a much more effective use of time than implementing an OCaml module encryption system. Michael Donat