Watermarking a java source file?
levipearson at gmail.com
Thu Sep 13 23:08:01 MDT 2012
On Thu, Sep 13, 2012 at 10:33 PM, Andy Bradford <amb-plugg at bradfords.org>wrote:
> Thus said "S. Dale Morrey" on Thu, 13 Sep 2012 22:26:21 MDT:
> > It's b, sorry if I wasn't clear. I'm giving some files to someone for
> > review. I don't want these to become distributed since they contain
> > secret sauce recipes and if they leak I want to be able to blame the
> > correct person.
> Automatically generate every piece of your code. The function names
> should be generated as well as variable names. Make the function names
> look non-random. Then, give out a different, randomly generated copy of
> the code to the various parties and keep track of which party received
> which randomly generated version of the code.
> Would this work?
This is again trivially defeated by a parser/pretty-printer combo with a
renamer, at least if they knew there was a watermark to defeat. These
sorts of code obfuscation tools are common, and wouldn't be hard to build
from easily-combined components in a tool-rich language ecosystem such as
Java's anyway. It would be impossible to tell which was the source after
the random renaming.
The problem with this is the very nature of computer programs. Computer
languages are designed to have a precise and unambiguous interpretation
because they must ultimately control computers. All of the computer
programs that are isomorphic to one another in meaning must necessarily be
transformable to one another, at least in theory. There's no way to tell
what the "original" form was without changing the meaning if all the
meta-information in the program text is replaced.
Now, you could potentially do some sort of alteration to the meaning of the
program that would identify the original recipient without altering the
primary desirable properties of the program, and this (if hidden well
enough) would defeat simple program transformations. It would be much
easier to just stick it in an appropriately watermarked PDF. :)
More information about the PLUG