lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu Dec 22 14:22:58 2005
From: j.schipper at math.uu.nl (Joachim Schipper)
Subject: Ioncube Encoded PHP Files

On Wed, Dec 21, 2005 at 11:46:00PM -0500, Valdis.Kletnieks@...edu wrote:
> On Wed, 21 Dec 2005 13:51:14 +0100, Joachim Schipper said:
> > Though I wonder what the point is - it's not likely to be all that hard
> > to run the code on another system. The main point seems to be to prevent
> > administrators from making local changes, and I must admit to not seeing
> > a problem with people who have bought the software doing that.
> 
> You've never had to handle a support call that involved a customer that was
> clever enough to fuck around with the code, have you?  That's a tech support
> nightmare waiting to happen, because it's guaranteed to be a major sinkhole
> of resources figuring out if the customer has hit an obscure bug in your code,
> or if they simply dorked it up.

That is a valid problem, but this is a rather heavy-handed solution.
Just telling them that code that has been altered will require special
consulting services instead of regular support.

		Joachim

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ