DII
DevHeads IoT Integration Servertechielew
Python source code protection from read
Is this for a commercial project? How imperative is it that either the source or the binary are encrypted? What are you concerned about protecting against? IP theft/cloning? Vulnerabilities? Something else?
There are commercial products like IAR Embedded Trust that provide application encryption and other security measures. And other services that encrypt binaries. Of course, those aren't FOSS..
brotherjoons•122d ago
Thanks @techielew . As additional info on the context of the use case. The Python code runs on a RasPi to provide entertainment. The RasPi is integrated to another machine that is a wellness product. The purpose of the encryption is for IP protection (against copying or cloning)
For ease of use and quick deployments, I am inclined to avail myself of paid tools such as Sourcedefender and Secupy. Minimal changes would be done to the existing code and there would be no noticeable effect or non at all on performance (as they advertise).
For obfuscating the source codes using free tools, I am inclined to use Cython. Here the Python files are converted to C and compiled into machine code, which cannot easily be reversed and should be enough to thwart undetermined attempters. However, this would involve a cycle of testing/retesting to ensure that there are no regressions on functionality or bad effects on the performance.
I would like to seek the community's inputs on the best practices how to approach this. Thanks.
techielew•122d ago
Yeah interesting question. Let’s hear what the @Software Integration members have to say. Hopefully they can find their way into the thread but if not I’ll pop it out into a forum post.
brotherjoons•122d ago
Thanks @techielew
nour_oud•121d ago
@brotherjoons I think the best tools are:
pyconcrete: It works by compiling Python scripts into bytecode and then encrypting the bytecode. The decryption happens at runtime.
codeclose: It renames variable and function names to make the code less readable.
sourcedefender: It works by encrypting the source code and then decrypting it at runtime.
But you should know that the effectiveness of such tools depends on the level of security you need. Keep in mind that no solution is entirely foolproof.
And about the best practices, you need :
➡️ Regular Updates
➡️ Thoroughly test obfuscated code to make sure it works as expected.
➡️ Always keep a secure copy of the original code. In case there are issues or if you need to update the code.
Balancing security with usability and performance is key, and regular reviews of your protection strategies can help ensure the ongoing effectiveness of your IP protection measures.
brotherjoons•121d ago
Thanks for the insights @nour_huda
techielew•121d ago
@tahenan, @Marvee Amasi not sure if you have any insights or experience in this domain but though i'd flag this..
The DevHeads IoT Integration Server accelerates technology engineering by helping pro devs learn, share and collaborate.
1.2KMembers
View on DiscordWant results from more Discord servers?
More Poststrying to find a solution in home assistant concerning multi tvr and switch to controllHow do brain-computer interfaces use sensors?https://www.sensortips.com/featured/how-do-brain-computer-interfaces-use-sensors/Watch ESP32’s GPIO status in real-time in a web browserGPIOViewer is an innovative open-source Arduino library designed for real-time monitoring of GPIO piData Proxy - the often-overlooked potential of a Digital Twin.In my previous article, I covered the Data Structure aspect of the Digital Twin. Unfortunately, the How to use TFLite on Raspberry Pi Zero 2WHi, I want to run a pose estimation TFlite model on raspberry Pi Zero 2W, is there any way to do so.EMI EMC TestingHere is the question that I get asked a lot.
Can you do the test for EMI and EMC on the software itLooking for Work? Comment Here..Are you looking for a technical role? Comment here so prospective employers can quickly identify youCreate a wifi configuration for Pi0 W that worksHello,
following examples, I created a wpa_supplicant.conf file directly on the SD card with the seHow to Debug STM32 ARM Cortex-M Microcontroller using STM32CubeIDEThe most important aspect of firmware development is debugging. When dealing with bigger projects, mHow to write technical specification for your embedded product?https://pallavaggarwal.in/technical-specification-for-an-embedded-product/amazon alexa integration with o auth 2.0so i have worked on integrating mqtt based devices with custom amazon alexa skill via aws lambda funNuclear battery produces power for 50 years without needing to chargeBetavolt, a Chinese startup, has developed the Betavolt BV100, an innovative nuclear battery deliveri am looking for lora gateway with multiple nodes projectare there any resources which are available to learnIssues connecting a camera to my Raspberry PiHello, I'm trying to connect a camera to my Raspberry Pi, but I can't get it to be recognized.
```bHardware Debugging and Troubleshooting Tips - EbookAlso find a curated list of tools to equip your lab with!My take on the IoT 2023 review by IoT AnalyticsMy take on the IoT 2023 review by IoT Analytics:
1) The IoT market has matured, and the hype cycle Free Giveaway: Ynvisible Evaluation Kithttps://www.linkedin.com/posts/pallavaggarwal_ynvisible-ultra-low-power-display-ynvisible-activity-7Building IoT solutions using open-source - with Frédéric Desbiens.Is it possible to build a commercial IoT solution using open-source components? What options should