[Cuis-dev] Is it possible to hide the source code in a Cuis project ? And is it good for Cuis?

[Gerald Klix]

On 1/13/22 2:34 PM, Nicola Mingotti wrote:
> 
> 
> On 1/12/22 23:38, ken.dickey at whidbey.com wrote:
>> On 2021-12-23 13:36, Nicola Mingotti via Cuis-dev wrote:
>>
>>> The only chance I see here, is to change the VM to make it
>>> load an encrypted image and password-protect access to
>>> the browser tools in your UI. Of course if someone gains root
>>> access to your computer, he/she could easily read the decrypted
>>> image from RAM.
>>
>> Nicola,
>>
>> The VM could read the bytecodes via a decrypted cache (perhaps using a 
>> simple block cypher).  Only the "read cache" code is special and 
>> signed.  Basically, one plugs into instruction fetch.
>>
>> One can size the decryption cache and do some "read-ahead" to reduce 
>> latency.
>>
>> As you point out, this is an obfuscation technique.  But as the image 
>> is decrypted in blocks, you do not expose the entire image at once.
>>
>> Just a thought..
>> -KenD
> 
> 
> Thank you for your thought Ken !
> 
> For the moment I will keep the thing unencrypted and obfuscated.
> 
> This project is just too little to worry about copy/paste, I would need 
> to spend
> more time on this than on writing the code itself. I will probably only 
> put the little
> machine in some kind of resin bath (epoxy-like maybe) or silicon. So, 
> well, yes, if they get
> their finger on the machine body with a little googling they can get 
> root access and
> they can read whatever, but to get there, they need to do some 
> unpleasant manual work ;)
This looks like a sensible solution to me.
In fact I am starting to think about business opportunities
sealed cases for raspis and co ...
> 
> Also they would need to work in the dark, they will know what the 
> machine is only
> after removing the nasty protective layer.
> 
> The problem will come up again on more complex stuff but for the moment 
> it is closed.
> 
> 
> bye
> Nicola
> 
> 
> 
> 
> 
> 
> 
> 
> 
> 
>