[maemo-developers] [New Developer]: Questions - Python Packaging / Free or Non-Free / Software Licensing
From: David Greaves david at dgreaves.comDate: Sun Feb 7 20:44:46 EET 2010
- Previous message: [New Developer]: Questions - Python Packaging / Free or Non-Free / Software Licensing
- Next message: [New Developer]: Questions - Python Packaging / Free or Non-Free / Software Licensing
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sanjeev (EIPI) wrote: > Thank you for the reply. To clarify this particular situation a bit > more... The API key is available only on a paid basis. For some novel or > new devices, a limited use (read: non-commercial) key is given to > developers that apply for one. So, a casual user is not able to obtain > their own API key. I have obtained one of these limited use keys for use > in my application. > > This is the reason why I was inquiring about how to protect the API key > within the application. (nb try not to top-post) This is not a licensing issue, it's a security issue. (Well, actually, you may contravene the api publisher's license since you probably can't avoid publishing your personal credentials to the world). In general if you distribute a binary containing credentials then the credentials can be extracted. You need a fairly complex security system to avoid this (eg Harmattan's upcoming DRM management which is the problem you're attempting to solve - and look how well that worked out so far). You have several obvious problems: * python is distributed as source - it's hard to obfuscate * the api key will almost certainly be clear in the source * if you encrypt the credentials then the decryption routine will be clear * if you obfuscate it (eg compile) then it has to be capable of being read by the CPU - or by a debugger. One solution is to use a proxy. Provide an 'open' service that your app calls and which then passes the request on to the paid service using credentials kept on the proxy. This is likely a breach of the terms-of-use license. As the problem is outlined I think you're out of luck - sorry. David -- "Don't worry, you'll be fine; I saw it work in a cartoon once..."
- Previous message: [New Developer]: Questions - Python Packaging / Free or Non-Free / Software Licensing
- Next message: [New Developer]: Questions - Python Packaging / Free or Non-Free / Software Licensing
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]