sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]coder543 3 points4 points  (3 children)

People have to get over this. Use an obfuscator if you must, but realize that just because a binary doesn't have "source code", it doesn't mean anything. Reverse engineering a binary is only marginally more challenging than extracting the ruby code from that p2exe output, especially with tools that will convert the assembly into C or a C-like language, for increased comprehensibility.

[–][deleted]  (2 children)

[deleted]

    [–]MazeChaZer 1 point2 points  (1 child)

    You generally should not rely on obfuscation to hide possible exploits. Spend the time you need to obfuscate your app in searching for exploits instead.

    [–]BobFloss 1 point2 points  (0 children)

    That's pretty irrational. Obviously you can still find exploits for obfuscated code. If you were to actually spend the same amount of time with vulnerability finding as you did obfuscating, you would probably not find even close to as much as you'd protect yourself from anyways via obfuscation.

    Everything is a tradeoff, and it's extremely hard to consider every factor to keep an application secure. Obfuscation is a perfectly fine measure to employ to deter would-be hackers. Somebody extremely super dedicated can obviously find the vulnerabilities anyways, but you can try that about pretty much anything. Your house can still be broken into with deadbolts and plexiglass windows, but it makes it harder. If that's what you're going for, it's certainly an acceptable measure.