Desperately seeking solution to protect the source code

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
Suhendri
Forum Newbie
Posts: 11
Joined: Tue Jan 06, 2004 7:14 pm
Location: Tangerang, Indonesia
Contact:

Desperately seeking solution to protect the source code

Post by Suhendri »

Until today i worried with my application sources that installed in client servers.

I'm afraid if the client take my sources and they learned the system flow. after that they discontinue the maintenance contract and they implement the system in new server with stolen code from my source code. :(

Is there any solution for my problem ?

Or i have to re-write the code to other language (ex. python/java), so the installed code in client server are the compiled program ?
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Re: Desperately seeking solution to protect the source code

Post by superdezign »

Copyright and licensing...?
ev0l
Forum Commoner
Posts: 56
Joined: Thu Jun 21, 2007 1:50 pm

Post by ev0l »

User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Personally I would go with ioncube. It is more difficult (and costly) to decode.

Your best solution would be to just host the application on your own server and not allow the client access to the code.
Suhendri
Forum Newbie
Posts: 11
Joined: Tue Jan 06, 2004 7:14 pm
Location: Tangerang, Indonesia
Contact:

Re: Desperately seeking solution to protect the source code

Post by Suhendri »

superdezign wrote:Copyright and licensing...?
I live in a country with most of people didn't respect with the other person intellectual property... :(
so they can easily do what they want to do. And cost for court if we sue them is very high...

Copyright and licensing its like only a paper... and i need to protect my code to prevent their bad habit..
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Unfortunately all of the currently available byte-code compilers have been cracked. If the company wanted to gain access to the original code, it wouldn't take them long or much effort.

If you're truly scared of them ripping you off, host it on servers you control or invest in a very good license, which both parties keep (signed) copies of which specifically list the limitations of their appropriation of the code.
Suhendri
Forum Newbie
Posts: 11
Joined: Tue Jan 06, 2004 7:14 pm
Location: Tangerang, Indonesia
Contact:

Post by Suhendri »

astions wrote:Personally I would go with ioncube. It is more difficult (and costly) to decode.

Your best solution would be to just host the application on your own server and not allow the client access to the code.
Currently i'm looking around for an encoder like ioncube, zend or source guardian. But in other thread, they said it's not worthed to used encoder, cause it's not 100% my code will secured and its easily to re-engineer/decode the protected code... But i will to find and need more information about encoder, which tools is the best for my problem and more difficult to decode the protected code.

To host the application on my server is a last solution, and it will be costly. I'm only a free-lancer who worked at home, and don't have a real server.. :oops: :oops:
Suhendri
Forum Newbie
Posts: 11
Joined: Tue Jan 06, 2004 7:14 pm
Location: Tangerang, Indonesia
Contact:

Post by Suhendri »

feyd wrote:Unfortunately all of the currently available byte-code compilers have been cracked. If the company wanted to gain access to the original code, it wouldn't take them long or much effort.

If you're truly scared of them ripping you off, host it on servers you control or invest in a very good license, which both parties keep (signed) copies of which specifically list the limitations of their appropriation of the code.

:banghead: :banghead:

i don't trust the license or the agreement between me and the client... :oops: :oops: If they stolen my code, and they re-write code or change the screen lay-out, they can claimed that new system is their not mine..

FYI. in my country, the cost to sue some-one its more expensive than the money i get for the system-price...

Usually i sold the system to the clients also have programmers, but they can not created the system cause the time limit or some thing else. I'm scared and worried to the clients like that.

I'm make a living with create the application and maintain the applications...
Suhendri
Forum Newbie
Posts: 11
Joined: Tue Jan 06, 2004 7:14 pm
Location: Tangerang, Indonesia
Contact:

Post by Suhendri »

Am I Paranoid :?:
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

Suhendri wrote:Am I Paranoid :?:
Yes and no. Yes because you are so concerned, but no because it is possible for it to be taken without your permission. However, if you aren't willing to use the law to your advantage, then you can be easily stolen from. If you don't provide consequence for theft, then once it is stolen, you can't do a thing about it.
Post Reply