We help IT Professionals succeed at work.

How safe is a .lib file ?

CrypToniC
CrypToniC asked
on
Generally a coder wish to distribute his/her work but not
the source (perhaps it is based on license fees or similar)

The question is how hard is it to reverse engineer a
.lib file (generated by MsDev)

How safe is a .a .so .o file in Unix ? (created by gcc)

Are there any switches I need to enable in order to get higher safety ?
Comment
Watch Question

CERTIFIED EXPERT

Commented:
i should image they are okay, a DLL would be prefered on windows
Never distribute a debug build, as there is too much information available for reverse engineering (and code is much easier to read).

Under windows, rather distribute a DLL than a LIB, because you would need to distribute different LIB's for all combinations of ompiler settings anyone can imagine useful, and once you found them all, someone else will come up with a setting you didn't expect. (Note that they multiply, e.g.: bind C++ runtime static/dynamic, enable/disable RTTI, enable/disable exceptions, alignment 1,2,4,8 makes 4*2*2*2 = 32 configurations...). Since I had weird problems because of this, I avoid LIB-distributed stuff, even if it's free.

So if you want to distribute libs, you might need to make the offer to adjust the lib to particular compile settings. And make the promise you will "always be there".

You can always get to an assembly listing. The hard step is to recover an algorithm from the assembly. There are people that can, but they are numbered. If this is not enough, you need to go for some encryption of the binary - but this is something I wouldn't buy either.

You cannot avoid someone selling your lib as their own, unless you have some lawyers.

Finally: If I should buy, I expect: a DLL, thorough documentation, support with "how can I make your lib do this", and *fast* response to bug reports, and removal of bugs.

Distributing source code lowers the requirements "beyond DLL" - at expense of your code being copy&pasted at will.

Peter


BTW. for .o files it should be the same as .libs

Author

Commented:
Since this will be on an embedded system there cant be
an .DLL however the info is much apprechiated (? how is it spelled ??)(The acctual development will be on Windows/*nix though)

Thanx alot
/CrypToniC

Explore More ContentExplore courses, solutions, and other research materials related to this topic.