The dark side of CRM: protection of intellectual property – part 1

The intention of this article is to create awareness about protection your intellectual property. This applies mainly to developers involved in commercial product development, but it might also apply for developers writing who want to protect their intellectual property (e.g. certain routines).

I’ve been developing software since the early 1990’s (as a contractor, as a product developer etc). Back in the days when you compiled your sourcecode you processed a binary executable or link library. The code was compiled for a specific platform and was a binary file.
Using a hex editor you would only see a bunch of hexadecimal codes and if you decompiled it, you ended up with an assembly file.
No matter what, you were pretty sure that your code was hard to crack (at least you needed someone with serious assembly skills –  even back then those skills were hard).

Nowadays with modern languages based on a runtime (e.g. the .Net runtime, Java runtime), your source code is no longer being compiled into a binary executable, but into a byte code representation that can be processed by the runtime environment. This byte code representation can be decompiled with great ease into a human readable file.

The revealed source code is not an exact representation of the code you wrote, but the source code is revealed to anyone:

  • Making licensing mechanisms worthless.
  • Your unique complex algorythms are visible for anyone.

In fact your code can be protected by using obfuscation. Obfuscation is a technique that prevents your compiled code from being decompiled. Which is quite handy if you want to protect your code or if you want to make money by selling licenses on the software you built.

In the last months I spoke to a large number of CRM developers (contractors, product developers etc). I don’t know why, but for some reason they don’t see the need for obfuscation. Which makes me wonder:

Am I paranoia?

Do I trust people?

Do I believe in honesty?

The answers are quite simple: “No, Sometimes, Yes”. I see myself as a realist!
I trust a lot of people, but I also realize that there are a lot of people out there that cannot be trusted. Especially not when money is involved. Software licenses do represent money! In other words I don’t have the confidence that people are willing to pay me for the labour I did.

That’s why I want to protect my intellectual property with all means possible (without having to sue people). I want to get paid for the software I built…

In the this series of articles I will take a dive into the world of decompilation, obfuscation and techniques you can apply to your code to make it even harder to decompile….

Welcome to the dark side of CRM!