pmjoe
There is any way to protect Elixir application source code?
I’ve developed a solution that runs in some raspberry pi’s deployed at some clients. The current solution was done with Go. It’s “working” but I know that I have some problems dealing with the wrong state where having something like Elixir supervisors would completely solve the problem.
The best part of Go is that it’s a compiled app, so the client can’t get the source code. There is any way to do something like this to Elixir? I’m thinking of porting the app to Elixir as it’s small.
Most Liked
slouchpie
I literally spent 2 minutes searching github for “elixir lib lawyers obfuscation”. Then I realised “oh, actual human lawyers”. ![]()
al2o3cr
There’s a simple, cross-platform, language-agnostic tool that’s perfect for this application: LAWYERS. If you’re worried about your clients stealing proprietary algorithms the way to guard against that is with contract language.
You can put up technical roadblocks, but ultimately you’re handing them the algorithms in a form that’s analyzable and reversible given sufficient time and money.
jjcarstens
@mmmries is correct - The typical connection path is WSS with client-side and server-side SSL to establish that connection. On our production devices, we use the ATECCA508A/608A cryptographic chips for storing the device cert and key.
Firmwares are signed and the device has the public key to verify the file to prevent installing unknown firmware.
There is a decent amount to it so I’d recommend digging through the NervesHub documentation a bit for the gist if its of interest.
We’re also working towards root-filesystem encryption on our devices as a further step of protection when using Nerves (but this has a little bit to go)
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance










