[Gambas-user] How easy is it to decompile

Adrien Prokopowicz adrien.prokopowicz at ...626...
Tue Jun 30 22:35:43 CEST 2015 

Le Tue, 30 Jun 2015 20:50:54 +0200, Wolfgang <123 at ...3490...> a écrit:

> Hi all,
>
> I just wonder how easy it would be to decompile (get some source code)
> from a *.deb file.
> I programmed a software -lets call it "MyProg"- in many, many hours and
> would like to install it via MyProg.deb.
> That works easily and safe.
>
> But is it (easily) possible to take the "MyProg.deb" and get the source
> code out of it?
>
> Is my work somehow "safe"?
>
> greetings from hot Bavaria
>
> Wolfgang
>

Short answer : from a security point of view, expect everything in a
compiled program to be as readable as plain text, as nothing is
encrypted or anything of the sort.

It may take some time, depending on the size of your program and
the tools available, but consider that anyone with enough will and
knowledge can make it through.

Long answer :

First, .debs themselves (like any other package, even for Windows/MacOS)
are just compressed archives. You can actually open most of them in
your favorite archive manager.
Needless to say, this is basically nothing to go through.

The actually "hard" part is to decompile the binary files generated
by the compiler. The "hardness" of this depends of the language used.
I'm assuming you are talking about Gambas here, but this applies
to any other compiled language (C/C++, Java, C# ...).

When it comes to code, compiled code is actually just your source
code "translated" into some binary form, more readable for
the interpreter. So, as you can guess, it is pretty easy to do
with the right tool.

I have never heard of any decompiler for Gambas, but making such
a tool is completely feasible (although a bit long).
Unless you have Benoît sitting next to you. I'm pretty sure he's
secretly able to decompile Gambas bytecode just by reading it. :)

As for resources (like images and so), it is just plainly copied
into the executable. Again, anyone can find and extract it.

In the end, there is nothing you can do technically "protect"
your code. There are methods out there that try to "hide" code
(like obfuscation ...), but it is just a matter of time before
someone can go through these.

However, you can give juridic protection to your work by using
licenses. I don't know much about proprietary licenses, but
if you want to go open-source, there are quite a few, such as
the GPL, MIT or Apache Licenses, or Creative Commons for anything
that is non-code.
This site[0] gives interesting summaries about these (and others).

Hope this helps,

[0] http://choosealicense.com/
-- 
Adrien Prokopowicz

More information about the User mailing list