However, whilst they're not trivial, they're not impossible to beat, either. I am not familiar with sourceguardian, but Zend is built in the same fashion, albeit a bit more secure and harder to beat than ionCube. Why? Because it dissuades the large majority of script kiddies. It runs as a VM - and is vulnerable to all VM side-channel attacks in addition to flat-out reverse engineering (one presentation here: ). IonCube relies on a pretty simplistic implementation - XOR from start to finish, which is hardly a "security measure". The answer simply reduces to: because there are dumbasses stupid enough to believe that PHP can be "securely encoded", the same way there are people stupid enough to believe that requiring a serial code for an application automatically makes it secure.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |