# Protecting an APP file from being hacked...



## konan (Jun 11, 2002)

What is the best way to protect an APP file (made with Project Builder) from being hacked (by and amateur)? I notice the the APP package has the NIB files and stuff openly accessible. 

Is there any programs that will encryption and stuff to help protect the APP file from being tampered with?

Konan

p.s. Thanks to everone who have been helping me so far


----------



## Trip (Jun 11, 2002)

You could try locking the folder with resources in it or something. I'm not 100% sure on this, but when I was working with AppleScript Studio a few months ago I, also, was looking for an answer to this problem.

I've seen some applications (Chimera) that have their resources folder opaque and un-able to open it. I need to learn how to do that.


----------



## iconara (Jun 12, 2002)

I belive that it's not doable. If it's on the users HD, then the user can access it. You can of course do things like those below, but why? Information whants to be free, and personally I think that everything should be opensource, make the software free for those who do not make money out of using it (like the MySQL-licence).

1) Obfuscate your code (prevents disassembling and reverse engineering). Obfuscating means running a program on either your code or the finished program that will make any attempts to disassembling it quite pointless since the code created will look much like spaghetti (some say ravioli, but I think it's more like spaghetti). Disassembling is the reverse process of compilation, making source code out of a binary program. Maybe this is not what you had in mind.

2) Don't use Nibs, create the GUI in your (obfuscated) code, then people cannot see how you made that snazzy interface.

3) Encrypt your files and decrypt them when they are used in the program, using some of the freely available encryption-libraries. Images and other binary data could also be hard-coded into the code, it'd still be possible to extract it, but quite cumbersome.

4) If it's the amateur your after try "chmod a-r -R Appname.app/Contents/Resources" then no one will be able to read from that directory, not even the program itself (and therefore you must chmod it back when the app starts...). hmmm, am I right in my chmod there, it usually takes me one or two times to remember the exact combinations...


All the methods above are quite over the top, I don't really know what you want to do, or why you what to do it, but it's an interesting topic...


theo


----------



## konan (Jun 13, 2002)

Hey Iconara,

>Obfuscate< is exactly what i am looking for. I am not too worried about the NIB, since my program's interface is done in OpenGL. Only the basic things like the menu use a NIB.

Now, can you point me into the right direction for  Obfuscating my code (using Project Builder 2.0) ?

Konan


----------



## iconara (Jun 14, 2002)

I'd try a search on the web... (Freshmeat.com, Google, Sourceforge.net) I can't point you to any program that I know works for Mac OS X, apart for some Java obfuscators. What you whant is either something that obfuscates Objective-C-code (don't think that those which obfuscate plain C will work) or something that obfuscates the machine code (dunno if that can be done in C though, it is very effective in Java... but C... I am not familiar enought with it to say). Sometimes obfuscators are called optimizers... they'll optimize your source code for size (definately) and speed (maybe).


a little note: it is not _that_ easy to reverse engineer compiled code, so obfuscating is mostly a waste of time.



happy coding

theo


----------

