develooper Front page | perl.perl5.porters | Postings from March 2023

"piracy" misinformation

Thread Next
From:
zefram via perl5-porters
Date:
March 1, 2023 03:51
Subject:
"piracy" misinformation
Message ID:
5.37.9_167450_1677640366@barba.rous.org

This is a bug report for perl from zefram@fysh.org,
generated with the help of perlbug 1.43 running under perl 5.37.9.


-----------------------------------------------------------------
<!--[Please describe your issue here]-->

The pod/perlfilter.pod document says "The original purpose of source
filters was to let you encrypt your program source to prevent casual
piracy.".  The likening of copyright infringement to nautical hijacking is
wildly hyperbolic.  Perl should not be spreading this line of tendentious
misinformation.  Even without the hyperbole, it's misleading to say
that program encryption is aimed at preventing copyright infringement:
it doesn't actually impede copying of the whole file.  The things it
really impedes are the understanding and editing of the program, which are
actions that are at most only loosely connected to copyright infringement.

I suggest that the word "piracy" should be replaced with "reading",
which is both a more neutral term and a more accurate description of what
program encryption impedes.  There's also a similar problem with the word
"cracker" later in the document.

The document also understates how fundamental it is that program
encryption can't fully prevent access to the real source code.

The patch below fixes all of these problems.  I see that the bug report
template has acquired some unfamiliar character sequences, which I
suspect is meant to make the bug report a document in some kind of markup
language.  But since there's nothing (in the template or in perlbug(1)'s
output) specifying what language that might be, I'm not attempting to
engage with it.  It's entirely likely that the patch would cause mayhem,
or at least render in a very broken way, if interpreted as markup.
This bug report, in the form in which I'm sending it, is nothing more
than plain ASCII text.

PATCH_START
--- a/pod/perlfilter.pod	2023-03-01 02:58:11.023713244 +0000
+++ b/pod/perlfilter.pod	2023-03-01 03:40:31.954487800 +0000
@@ -12,7 +12,7 @@
 own.
 
 The original purpose of source filters was to let you encrypt your
-program source to prevent casual piracy. This isn't all they can do, as
+program source to prevent casual reading. This isn't all they can do, as
 you'll soon learn. But first, the basics.
 
 =head1 CONCEPTS
@@ -205,18 +205,17 @@
 All decryption filters work on the principle of "security through
 obscurity." Regardless of how well you write a decryption filter and
 how strong your encryption algorithm is, anyone determined enough can
-retrieve the original source code. The reason is quite simple - once
-the decryption filter has decrypted the source back to its original
-form, fragments of it will be stored in the computer's memory as Perl
-parses it. The source might only be in memory for a short period of
-time, but anyone possessing a debugger, skill, and lots of patience can
-eventually reconstruct your program.
+retrieve the original source code. The reason is quite simple:
+in order to execute your program Perl must parse its source code.
+This means that Perl must have all the information needed to decrypt
+your program, and that means that that information is also available to
+anyone able to run the program.
 
 That said, there are a number of steps that can be taken to make life
-difficult for the potential cracker. The most important: Write your
+difficult for the potential reader. The most important: Write your
 decryption filter in C and statically link the decryption module into
 the Perl binary. For further tips to make life difficult for the
-potential cracker, see the file I<decrypt.pm> in the source filters
+potential reader, see the file I<decrypt.pm> in the source filters
 distribution.
 
 =back
PATCH_END

<!--[Please do not change anything below this line]-->
<!------------------------------------------------------------------- -->


---
**Flags**
- category=docs
- severity=low
---
**Perl configuration**
```
Site configuration information for perl 5.37.9:

Configured by zefram at Wed Mar  1 02:31:43 GMT 2023.

Summary of my perl5 (revision 5 version 37 subversion 9) configuration:
   
  Platform:
    osname=linux
    osvers=5.10.0-21-amd64
    archname=x86_64-linux-thread-multi
    uname='linux barba.rous.org 5.10.0-21-amd64 #1 smp debian 5.10.162-1 (2023-01-21) x86_64 gnulinux '
    config_args='-des -Dprefix=/home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52 -Duselargefiles -Dusethreads -Uafs -Ud_csh -Uusesfio -Uusenm -Duseshrplib -Dusedevel -Uversiononly -Ui_db'
    hint=recommended
    useposix=true
    d_sigaction=define
    useithreads=define
    usemultiplicity=define
    use64bitint=define
    use64bitall=define
    uselongdouble=undef
    usemymalloc=n
    default_inc_excludes_dot=define
  Compiler:
    cc='cc'
    ccflags ='-D_REENTRANT -D_GNU_SOURCE -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2'
    optimize='-O2'
    cppflags='-D_REENTRANT -D_GNU_SOURCE -fwrapv -fno-strict-aliasing -pipe -fstack-protector-strong -I/usr/local/include'
    ccversion=''
    gccversion='10.2.1 20210110'
    gccosandvers=''
    intsize=4
    longsize=8
    ptrsize=8
    doublesize=8
    byteorder=12345678
    doublekind=3
    d_longlong=define
    longlongsize=8
    d_longdbl=define
    longdblsize=16
    longdblkind=3
    ivtype='long'
    ivsize=8
    nvtype='double'
    nvsize=8
    Off_t='off_t'
    lseeksize=8
    alignbytes=8
    prototype=define
  Linker and Libraries:
    ld='cc'
    ldflags =' -fstack-protector-strong -L/usr/local/lib'
    libpth=/usr/local/lib /usr/lib/x86_64-linux-gnu /usr/lib /lib/x86_64-linux-gnu /lib
    libs=-lpthread -lgdbm -ldb -ldl -lm -lcrypt -lutil -lc
    perllibs=-lpthread -ldl -lm -lcrypt -lutil -lc
    libc=libc-2.31.so
    so=so
    useshrplib=true
    libperl=libperl.so
    gnulibc_version='2.31'
  Dynamic Linking:
    dlsrc=dl_dlopen.xs
    dlext=so
    d_dlsymun=undef
    ccdlflags='-Wl,-E -Wl,-rpath,/home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/5.37.9/x86_64-linux-thread-multi/CORE'
    cccdlflags='-fPIC'
    lddlflags='-shared -O2 -L/usr/local/lib -fstack-protector-strong'


---
@INC for perl 5.37.9:
    /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/site_perl/5.37.9/x86_64-linux-thread-multi
    /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/site_perl/5.37.9
    /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/5.37.9/x86_64-linux-thread-multi
    /home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/lib/5.37.9

---
Environment for perl 5.37.9:
    HOME=/home/zefram
    LANG (unset)
    LANGUAGE (unset)
    LD_LIBRARY_PATH (unset)
    LOGDIR (unset)
    PATH=/home/zefram/usr/perl/perl_install/perl-5.37.9-i64-f52/bin:/home/zefram/usr/perl/util:/home/zefram/pub/x86_64-unknown-linux-gnu/bin:/home/zefram/pub/common/bin:/usr/bin:/bin:/usr/local/bin:/usr/games
    PERL_BADLANG (unset)
    SHELL=/usr/bin/zsh
```

Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About