This post originated from an RSS feed registered with Ruby Buzz by Ryan Davis. Original Post: ZenObfuscate now available Feed Title: Polishing Ruby Feed URL: http://blog.zenspider.com/index.rdf Feed Description: Musings on Ruby and the Ruby Community... Latest Ruby Buzz Posts Latest Ruby Buzz Posts by Ryan Davis Latest Posts From Polishing Ruby

ZenObfuscate

...for when you really really have to ship a binary...

"Being perfectly honest, your obfuscator has made me feel like writing RubyCocoa apps is a commercially viable business, whereas before I had my doubts." - Aidan Rogers, Infurious

ZenObfuscate is now commercially available and is already being used in a commercial application.

What is it?

ZenObfuscate is a translator for a fairly large subset of ruby that converts your pure ruby code into a dynamically loadable binary, protecting your intellectual property(*).

How does it work?

ZenObfuscate has a commandline interface that takes the specified ruby files and outputs a dynamically loadable binary (.bundle on osx, .so on unix/linux and .dll or windows).

Please understand: We aren't simply scrambling variable names and the like. We're compiling your code down to binary. No, not a simple loader with a string (encrypted or not) on the tail. This is a real translation to C and compiling a binary.

ZenObfuscate is built on a solid foundation: RubyInline and ParseTree. Both are long-standing open source packages for ruby with a ton of unit tests. ZenObfuscate also ships with a suite of unit tests (themselves partially obfuscated to show it works on both sides).

When is it available?

ZenObfuscate is available nowish on an individual basis.

How much does it cost?

ZenObfuscate costs $2500 for a site license or is individually negotiable for other licensing schemes. Yes, that is expensive. That was on purpose. But don't let that thwart you too much. If your product is really cool and we want to see it succeed, we'll make it work. "Really cool" is not freecell.

What are the restrictions on licensing?

ZenObfuscate is a commercial product produced wholly by Eric Hodel and Ryan Davis and is not for redistribution. All rights are reserved, etc., etc. Binaries produced from ZenObfuscate have no restrictions of any kind (except determined by their authors).

What type of support do you offer?

We try our best to make our product work for you, within reasonable limitations. If we had to put a number on it (and we don't want to) we'd probably say that 10 hours of support are included with the site license and after that we'd have to negotiate additional support. We doubt this will happen.

Requirements

ruby 1.8.x, ruby2c, parse_tree, rubyinline (all available as gems) available on darwin ppc, darwin intel, freebsd x86, freebsd amd/64bit, and linux x86 (with coaxing and/or bribes).

Known Limitations

There are issues with what the obfuscator can translate to C and as a result you may need to modify your code in order to translate it. Usually this is a pretty straightforward and simple task. We do a good job of translating static ruby to its equivalent C, but not all ruby has an equivalent in C.

• Only translates methods in classes and modules, not freestanding code.
• Explicit returns are required in all methods.
• Temporary: Conditional logic (including ?:) may not be on the right hand side of an assignment.
• Temporaryish: Exception handling and generic block closures currently don't translate.
• Some expressions in ruby we don't currently do, but could upon request, where some other ruby expressions will never translate.

(*) No. You'll never ever fully protect your IP if they have it in hand. That is simply a fact. We just raise the bar enough that it isn't worthwhile for most people.