Re: Hiding source code

by "Frank Boumphrey" <bckman(at)ix.netcom.com>

 Date:  Mon, 17 Jul 2000 00:55:35 -0400
 To:  "Anthony McLin" <mclin(at)usc.edu>,
"HWG Techniques" <hwg-techniques(at)hwg.org>
 References:  usc
  todo: View Thread, Original
If you really want to hide your source code use something like ASP or PHP
which keeps all the code on the server, and just makes an HTML stream.

But the question always comes up, "Why bother to hide your code?". Any
competent coder can duplicate any thing they see on the web. And if they
can't, they just ask on a list like this, and get the answer!

Frank
----- Original Message -----
From: Anthony McLin <mclin(at)usc.edu>
To: HWG Techniques <hwg-techniques(at)hwg.org>
Sent: Sunday, July 16, 2000 9:07 PM
Subject: RE: Hiding source code


> Hiding your source is impossible.  As any decent hacker or cracker can
tell
> you:  "Anything I can hear or see, I can copy."  The only way you can
truly
> protect your source from prying eyes is not to post it - which defeats the
> entire point of the internet, the web, and why you did the coding to begin
> with.  As others have mentioned - even Flash source can be hacked.  As for
> disabling right-clicking on images, there are ways arround it.  When you
> publish ANYTHING to the internet (not just the web) you must ask
yourself -
> what exactly am I trying to share to the world?  Because that is what the
> internet is about - file sharing.  What is so important about your
> sourcecode that you must hide it?  If it's a security issue w/ login
> scripts, how your server works, etc... then you are using the wrong
> implementations of your login scripts, server workings, etc.  If it is
your
> hard-worked code - get over it, thats how the world works.  If it is your
> client thinking it's a security issue - then you need to educate your
client
> on internet security.  Bottom line:  if you want to display something to
the
> world, you must tell them how it is displayed (source code) and somehow
> transmit it to them.  If you want them to see what you are trying to
convey,
> they must be able to recieve it, and thus there is always the possibility
of
> seeing the source data.  Rather than trying to block their access of the
> source data (which is futile) you need to rethink what you are
transmitting
> and why you are transmitting it.  If something is sensitive, dont put it
in
> the source code of a web page.  Like ANY other media/format the displayed
> result can be hacked/cracked and the source data viewed by unwanted eyes.
>
> Just my US$0.02 worth on a topic that seems to come up every couple of
> months on this mailing list.  I in no way intended to start any kind of
> flame war and therefor apologize at this point for offending anyone who
> might take offense at this email.  However I'd like to remind those
getting
> inflamed that I have just as much a right to my opinnion as you.
>
> Sincerely, with only help intended,
>
> Anthony McLin
> mclin(at)usc.edu
> http://www-scf.usc.edu/~mclin
>

HWG hwg-techniques mailing list archives, maintained by Webmasters @ IWA