Hello Bart, hello Alexey,
once again - thank you and *all* the developers for your great work!
Be constructive and tell us what you want in an encoder!
I personally just use the binary cacher. It`s the part i love and like. And:
Most of the software and scripts i prefer, use and dedicate is open source -
no encoder neccessary. :)
However, i understand, that for some projects and esp. for some kind of
clients an encoder is a good and fair option for coders to be sure to be
able to pay their own bills on time.. :D
So:
<dream mode>
Integrated "encode time expiring" and "server restriction" would be usefull
features. Also customised messages when files expire or aren't permissioned
to run would be nice as well.
</dream mode>
But these features can/should be handled by the authors themselves that
demand such protection for their software..
The main part of the encoder will always be its security: True encryption of
the source - not only "simple" code obfuscation.
And - whats IMHO even more important than the used encoding algorithm and
its key lenght: A well protected execution engine at runtime, so that
decoded chunks, keys or similar can not be read and combined from or
manipulated within memory..
Now that is *really* complex and requires good knowledge on executables, if
you desire *true* security and not a "wrapped binary cache". Some parts can
be handled for all systems - e.g. simple self modifying code, implementation
of the encoding algorithm and similar.
HOWEVER, it would EVEN REQUIRE special measures for EVERY KIND OF BINARY on
EACH OS (elf , pe ..) to keep the security level as high as possible, e.g.
combined compression, encoding and debug protection of the
eaccelerator/loader binary itself!
That`s why I really don`t know whether all the work on such an encoder is
worth it! Guys, don`t get me wrong - but just the "demand" for those
features won't help - only experienced coders with quite a lot of time can
keep track of this. I know, that you CAN handle this stuff - but will you
have the time? And there will be always work left on the caching engine
side.. :D
People who honestly care so much about there sources and *really* need *true
secure* protection, should stick to IonCube or ZEND products. I don`t know
whether i am wrong - but for most users the "performance part" - means the
binary cacher - "is" eaccelerator.
:)
Thank you!
Kind Regards
Alexander Schories
Tuebingen, Germany
If privacy or security of communication is on your mind, feel free to
establish a secure transmission using the PGP public key obtainable from
http://www.schories.com/alexander/pubkey/alexander_schories.asc
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
eAccelerator-users mailing list
eAccelerator-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/eaccelerator-users
-------------------------------------------------------
This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening
July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual
core and dual graphics technology at this free one hour event hosted by HP,
AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
