[Chugalug] Dropbox (and other Python Apps) Reverse-Engineered

Dan Lyke danlyke at flutterby.com
Thu Aug 29 00:16:36 UTC 2013


On Wed, 28 Aug 2013 08:49:32 -0400
Benjamin Stewart <stewartbenjamin at gmail.com> wrote:
> You can't really just say "don't use Python," because C et al. can be
> decompiled, too.

I have worked with one hardware vendor who bragged about the steps they
took to prevent people from "sanding" off the chip carrier and reading
the PROM contents with a scanning electron microscope.

Whether or not this was actually effective, this discussion was useful
when talking about security with the client.

It's all a matter of weighing the costs of the attack vector against
the value of the protected information.

You'll find most often that obfuscation and data hiding mechanisms are
usually used in situations where the vendor is trying to create
economic friction to extract more value from the customer. Seems apt
here...

Dan


More information about the Chugalug mailing list