Encrypted source as an ANDF

It seems to me that this would not be workable, because the "trusted"
compiler not only contains the decryption key, but of necessity
contains a decryption algorithm! Since one can create a totally
virtualized environment to run the compiler in (by writing a machine
language interpreter if necessary), one only needs to find where the
decrypter feeds characters to the lexer, and monitor the transfer of
data. It would run slowly, but that wouldn't be a problem, and if
extracting source code were profitable, you could easily hire a few
hackers to figure out how to cut into the compiler's operations.


The most interesting ANDF-type work I've seen is the concept of
"shrouded source code", that is, compilable source that has been
deliberately uglified by removing comments, renaming variables, etc.
Since in most cases the value of the software is not in the algorithms
(how many compilers contain *ideas* not already published?) but in the
code that implements them, shrouding makes it very hard to steal the
code for commercial use, since the stolen code is unmaintainable.
This ties in with the facts that (1) copyright is sufficient
protection for most software, and (2) maintanance is the bulk of the
development expense of any software system.


A more extreme form of the shrouded source code idea (which I have not
seen in practice) would be to write the software in a relatively high
level language (Ada, Lisp, and Algol come to mind) and have it be
translated into C. Only the original developer would have the
efficiency of working in the higher level language, even if the C were
comprehensible.
--
Dale Worley, Compass, Inc. worley@compass.com
--

Return to the comp.compilers page.
Search the comp.compilers archives again.