Deploying encrypted procs to customers

  • I have a remote DBA database which runs purely within the transact environment.

    All of the procs are encrypted. Not particularly for security but more for maintainability.

    I know I can decrypt procs pretty quick and assume anyone wanting to steal my IP could do the same, the encryption makes it a deliberate act on behalf of the customer to change the code, thereby rendering issues caused by changed source patently chargeable.

    The issue is that if I send the customer a clear text script with the new proc they can edit before it gets deployed.

    Is there any way of deploying a script pre encrypted? Sort of like when you do help_revlogin how the passwords are pre hashed.

    Additionally is there actually any sensible way of hiding your IP in your procs?

    Everything I have seen so far is beatable, sure most require a restart of the server but you just take a backup and dump it on your notebook and go to town. Best idea I have had is to deploy dll's and call extended procs, I don't like that idea too much. Off server stuff is ripe for mistakes in credential passing and I am not a very good C# guy.

    I know it is great that we can read the system procs and all but surely some people actually have products with IP out there, I have been building all mine with the good stuff on my server and theirs send data to me for processing which keeps all my s33krits relatively safe (data comes in via encrypted email) so no 2 way path of communication.

    I suspect the day may come where I do something I would actually like to keep relatively secret be interesting to know if it is possible.

  • You could write an executable installer that accepts a servername and credentials as inputs and then writes the sprocs to the server itself. The end-user could still profile that session and see the clear text but the could not tweak the script before hand..

    I really don't think it would be all that big or hard.

    CEWII

  • I think you can hide data from the profiler by including certain key words in a script. I believe that "PASSWORD" is one. Drove me crazy that I could not profile certain things for debugging purposes, but that is the way that Microsoft makes it work.

    That would not prevent them from using a network monitor utility, so you would have to deploy over an encrypted session.

  • I really think we just need to keep honest people honest, profiler is an easy way to see the code, setting up a network monitor is a big step..

    I think sp_password even in a comment will cause profiler to hide the text..

    Do you have this all solved or did you have additional questions?

    CEWII

  • Is the issue just maintainability? Are you worried that customers will alter the script and then call for support? A surcharge for support might solve that.

    The other thing you could do is require Internet access, and then have an installed download and run the script from your site. It doesn't alter the profiler issue, but it might be more maintainable as a installer.

  • Time got away from me. A few quick responses:

    Elliott: You could write an executable installer

    Yep that would be fine for my current stuff, I just wonder about if you had real IP to hide.

    Michael: PASSWORD / Encryption

    as you say a network sniffer would grab it, I guess an exe with guaranteed encrypted session might do it. The procs would still be trivial to reverse engineer. I am thinking of close to true safe deployment at client site.

    Steve: Maintainability / Net Access

    Yeah my core question at the moment is how in the hell would we keep anything great we did safe. I have put a few things together which I have then found at other sites with line by line stolen from my apps with no attribution which is annoying. I am sure clients that have paid for my dev time are not happy with their staff firing it off to friends either.

    There is always the chance a client could accuse me of redeploying their code, unlikely sure but that would be painful.

    If it was a core part of my business I would be more than slightly annoyed 🙂

    I have a personal opinion that it is impossible but wondered if anyone else had had a shot at it.

    One of the things I am working on currently falls into the category of "we can't sell it as a product if they could get the source code" as then we would lose all business competitive advantage. So we can only sell it as a service.

    Thanks for the comments so far, even though they are painfully agreeing with me in essence.

Viewing 6 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic. Login to reply