Tuesday, February 14, 2012

How not to protect your software

I wrote my first (completed) software package 14 years ago. It was an animation program for creating 2.5D cut-out animation. Once it was ready for distribution, I needed a way to keep users from copying the software. Naively I opted for a simple key registration mechanism which was defeated not long after its release, and a crack was out in no time.

Wednesday, February 8, 2012

Fixing Sublime Text 2 for a Japanese Windows system

Sublime Text 2 is a programmer’s text editor with build-in Python scripting. Usually I use Programmer’s Notepad as a lightweight text editor, but I decided to give Sublime a try.

Monday, February 6, 2012

Misconceptions about network security

When looking for a secure Flash protocol for our audio and video call transcoding server we preferred supporting RTMPE (and the tunnelled version RTMPTE) since this was more lightweight than the SSL versions. However users didn’t want to use these protocols, and preferred Adobe's media protocol over HTTPS and SSL (both called RTMPS, though the latter one is also known as native RTMPS). They read online (even on wikipedia) that the RTMPE version were not secure. It is hard to argue with users when they have already read the "truth" on internet. While there certainly are issues with the protocol when you don't know what you are doing, it showed that users have a lot of misconceptions about security.

Wednesday, February 1, 2012

Modifying python classes at run-time

Adding methods to python objects and classes at run-time can be very handy when API specifications are fluid or when loading custom file formats. Think for example of an object implementing a protocol defined as XML or another descriptive language. Or an object giving access to stored database methods. Instead of only having a general execute method or having to recreate a static API file, all the described methods can be added to a class at runtime.