[Cuis-dev] Is it possible to hide the source code in a Cuis project ? And is it good for Cuis?

Nicola Mingotti nmingotti at gmail.com
Thu Jan 13 05:34:51 PST 2022



On 1/12/22 23:38, ken.dickey at whidbey.com wrote:
> On 2021-12-23 13:36, Nicola Mingotti via Cuis-dev wrote:
>
>> The only chance I see here, is to change the VM to make it
>> load an encrypted image and password-protect access to
>> the browser tools in your UI. Of course if someone gains root
>> access to your computer, he/she could easily read the decrypted
>> image from RAM.
>
> Nicola,
>
> The VM could read the bytecodes via a decrypted cache (perhaps using a 
> simple block cypher).  Only the "read cache" code is special and 
> signed.  Basically, one plugs into instruction fetch.
>
> One can size the decryption cache and do some "read-ahead" to reduce 
> latency.
>
> As you point out, this is an obfuscation technique.  But as the image 
> is decrypted in blocks, you do not expose the entire image at once.
>
> Just a thought..
> -KenD


Thank you for your thought Ken !

For the moment I will keep the thing unencrypted and obfuscated.

This project is just too little to worry about copy/paste, I would need 
to spend
more time on this than on writing the code itself. I will probably only 
put the little
machine in some kind of resin bath (epoxy-like maybe) or silicon. So, 
well, yes, if they get
their finger on the machine body with a little googling they can get 
root access and
they can read whatever, but to get there, they need to do some 
unpleasant manual work ;)

Also they would need to work in the dark, they will know what the 
machine is only
after removing the nasty protective layer.

The problem will come up again on more complex stuff but for the moment 
it is closed.


bye
Nicola













More information about the Cuis-dev mailing list