Will ionCube say so? Because it dissuades the large majority of script kiddies.I am not familiar with sourceguardian, but Zend is built in the same fashion, albeit a bit more secure and harder to beat than ionCube. It runs as a VM - and is vulnerable to all VM side-channel attacks in addition to flat-out reverse engineering (one presentation here: ). The answer simply reduces to: because there are dumbasses stupid enough to believe that PHP can be 'securely encoded', the same way there are people stupid enough to believe that requiring a serial code for an application automatically makes it secure.ionCube relies on a pretty simplistic implementation - XOR from start to finish, which is hardly a 'security measure'.
0 Comments
Leave a Reply. |