Learn how to protect your Intellectual Property in this free AHK webinar

Talk about anything
freespacing
Posts: 131
Joined: 28 Sep 2016, 11:14
Contact:

Re: Learn how to protect your Intellectual Property in this free AHK webinar

21 Jan 2020, 23:57

your developed script does not have to remain Open Source
As of Jan 2020, does anyone know if there a good pathway to obfuscate and/or encrypt source code in compiled scripts?
Last time I looked, about a year ago, I spent three days chasing black cats down blind alleys.

Asking about something that can work with large scripts, with many thousands of lines, lots of include files, tons of functions.
SOTE
Posts: 910
Joined: 15 Jun 2015, 06:21

Re: Learn how to protect your Intellectual Property in this free AHK webinar

22 Jan 2020, 06:45

freespacing wrote:
21 Jan 2020, 23:57
your developed script does not have to remain Open Source
As of Jan 2020, does anyone know if there a good pathway to obfuscate and/or encrypt source code in compiled scripts?
Last time I looked, about a year ago, I spent three days chasing black cats down blind alleys.

Asking about something that can work with large scripts, with many thousands of lines, lots of include files, tons of functions.
I don't quite understand how you have never found an answer to that question, when a search for encrypt or obfuscate will turn up lots of posts on the subject. Probably the latest help topic where the subject was explored is here (and lists some protection options)-
https://www.autohotkey.com/boards/viewtopic.php?f=76&t=69724
(AHK Script Encryption)

Long story made shorter, interpreted programming languages like AutoHotkey and those using bytecode (AutoIt, Java, JavaScript, Python, PHP, PowerShell, C#, Lua, etc...) are going to have a much more harder time with protection than totally compiled languages (like C/C++, Pascal, Go, Swift, etc...). The interpreter must be able to "see" your script in order to execute it. However, even if you used a compiled language, there are still ways and many tools out there to edit/patch/crack/reverse engineer it from machine code, to Assembly language, and then pseudo C code. The expectation to create a hackerproof program is unrealistic.

Be that as it may, it hasn't stopped programmers and companies from releasing their programs and doing business, so sometimes people are being more worried about the imaginary loss of profits than they should. This is because probably 95% of users have no idea about reverse engineering and cracking, don't want to waste their time on such, or are law-abiding types. Of the probable 5% that remains, most likely have only a passing interest or limited knowledge and are easily deterred with basic protections (some of those protections are talked about in the link provided). And of the remaining willing to spend lots of time, are very knowledgeable, or are criminals, no matter what software protection that is used, it's not going to stop them from eventually cracking it (to include spending weeks or months trying).

Thus your best alternate route (outside of encryption and obfuscation) is legal protection, which is what Joe Glines webinar is about. Suggest viewing it, if you haven't already, very informative videos.
freespacing
Posts: 131
Joined: 28 Sep 2016, 11:14
Contact:

Re: Learn how to protect your Intellectual Property in this free AHK webinar

22 Jan 2020, 08:20

Hi @SOTE
Thank you for your detailed reply, full of interesting thoughts about reflexions.
SOTE wrote:
22 Jan 2020, 06:45
a search for encrypt or obfuscate will turn up lots of posts on the subject.
Of course I found lots of threads at the time, that's what I meant in my OP by
I spent three days chasing black cats down blind alleys.
Some of these solutions worked only for small files; or required that you compile an alternate version of AHK with an old version of Visual Studio that didn't play well with mine; or that you pepper your script with directives — just not doable for a really large project.

Looking at my notes from the time, some of the signposts on that road were MPress, YuHei, HotKeyIt, AHK Dynamic Obfuscator, Obfuscator, FeiYue… but there were more.

Here is the TL;DR I wrote for myself when I abandonned:
1. Obfuscate the code before compiling.

2. Don't try to convert the EXE using tools like MPress: (i) false virus warnings, (ii) published decompiling tools

3. Obfuscation: no success for the large script with the YuHei tool, (ii) trying Autohotkey-Obfuscator-L which is a complex project.

4. Encryption at compilation time: apart from the MPress comment above, there is a tool by HotKeyIt that runs on the branch of AHK calls AHK_H and which requires compiling the AHK_L source code in Visual Studio 2015 (didn't manage it), providing an encryption password.
The thread you supplied is more recent: thank you very much, I will look at it. The latest in obfuscation / encryption: that's exactly what I was looking for.
Cheers.

Return to “Offtopic”

Who is online

Users browsing this forum: No registered users and 64 guests