First impressions: Ruby Encoder for ruby source code encryption

About a week ago at work, I was asked to evaluate Ruby Encoder, an application to encrypt the source code of your ruby application.

Normally, you wouldn't want to encrypt the source code of your ruby applications. The code resides on your server and there's no way anyone else can access it. However, if you are going to allow others to host your code on their own servers, you might want to obfuscate your code so that nobody can see it.

I signed up for the free trial of Ruby Encoder and so far I've been impressed with how easy it is to set it up for use with the ruby on rails application I'm working on. It took me less than ten minutes to encrypt all the ruby files and run the project on the development machine.

Ruby Encoder works by encrypting the ruby source into bytecode and then decrypts this encrypted code using a loader (which is an compiled ruby module) and sends it to the interpreter. This way, all anyone will get to see in your .rb files will be a lot of gibberish and a call to the loader function.

I haven't really had the time to check it out thoroughly and I don't know how well it will work in production, but right now it looks like the best option (and probably the only option?) for what I am trying to accomplish.

I was discussing Ruby Encoder with a friend and one very valid argument that came up was about how far such software could help if someone really wanted to clone our application. If someone wanted to steal our code, they most likely would be capable of coding the application by themselves by looking at the views of the application. So is it really worth the trouble to use an application like Ruby Encoder just to make things a little bit more difficult for them?

What do you think of ruby source code encryption? Have you ever used Ruby Encoder or similar products for any of your projects? If so, how well has it worked for you? Do you think using such an application is a good idea?

What method would you employ if you had to ensure that your ruby code remained closed source?


TechSlam said...

I have seen the encrypted ruby code with this tool. Goshhhhhhh... I bet you, its looks freakingly irreversible. Bad guys out there, challenge for you all out there. Lol

Nithin said...

@techslam. Well, companies like Microsoft spend millions every year to make sure their software isn't pirated, and yet you can find pirated software everywhere. Pirating ruby code wouldn't be all that difficult compared to that. Let's not challenge the bad guys. ;-)

Post a Comment