Solved

Protecting files sent to clients

Posted on 2016-08-03
7
46 Views
Last Modified: 2016-08-28
My team developed an interactive depiction of a network map for my client.  It is written in JScript.  Data (network equipment, IP addresses, contact information, physical addresses, etc.)  was fed into the database.  When you open the file, a network diagram appears, and when you click on the icons you can drill down to the particulars of that piece of equipment.  For example, click on one or the routers and it drills down to its version, IP address, contact info, etc.  Click on the IP address and it gives you more information about the local IP subnet, etc...
I didn't write it and know very little about it.
When I send the file to my client or to another party, I can zip it and password protect it.  I send the password separately.
Once it is opened however, all the raw code is available to look at.  My question...  Can I further password protect the raw JScript files that are extracted so that my client nor anybody else can see the raw files and be able to reverse engineer it and develop it themselves?
Basically I'm talking about giving the recipient the password to open and view the interactive network map, but hide the actual scripts.
0
Comment
Question by:Ted James
  • 3
  • 3
7 Comments
 
LVL 8

Accepted Solution

by:
James Bilous earned 500 total points (awarded by participants)
ID: 41741453
As far as I'm aware, you can only obfuscate the JS, but not encrypt it completely:

https://javascriptobfuscator.com/
0
 

Author Comment

by:Ted James
ID: 41742853
That looks interesting.  Never heard of it.  So I don't really need to encrypt then.  Just need to make sure that who I send it to does not recreate it and/or modify it and peddle it as his own.  So if the obfuscator allows him to open it (using the password I send) and navigate thru it as a user, but not be able to get into the nuts and bolts, then that would be fine.


A little more about the app.  The developer said he wrote it in Visual Basic.  The app reads excel spreadsheets into the Json to create the network map visual.
Make sense?
0
 
LVL 8

Expert Comment

by:James Bilous
ID: 41742897
Why are you so concerned about the JS? The real intellectual property is probably in the server side application and database - JS is usually just part of the presentation layer to help make requests to the server and update the display.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 

Author Comment

by:Ted James
ID: 41746569
This is much simpler than that.  Right now there is no server connection with what I am sending them.  It is just more or less a snapshot.  We haven't yet published the whole app connected to the database at this time.
0
 
LVL 8

Expert Comment

by:James Bilous
ID: 41746593
I see. Personally, if I was in your shoes I would rely on an opt in terms of use since the preventative measures available to you are mere speed bumps to someone who would be determined to copy your application.
0
 

Author Comment

by:Ted James
ID: 41749135
That was actually my first thought but I didn't want to broach the subject with my client and fellow contractors.  I just wanted to subtly do it when I send it.  Not talk about it, just do it.

So the java script obfuscator will do the trick for my files?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
An analysis of the phishing scam that has been affecting Google users, along with steps to take for protection, as well as what to do if you receive one of the emails.
This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now