问HN:我该如何防止高管过于关注版权保护问题?
出于明显的原因,我决定匿名发帖。我刚开始了一份短期的开发合同,注意到前方有一些障碍,我担心这可能会影响我们交付产品的能力。
这个组织向一个非常小众的奢侈市场销售,并以高价分发本地应用程序。公司的高管们对软件在每次发布后出现的裂缝感到极为不安。问题在于,我们目前的架构作为本地应用程序意味着攻击者已经获得了根权限,我们无法保护任何关键数据。此外,还有一些特定领域的原因使得某些用户在某些时候总是需要远程访问。虽然我希望鼓励组织最终转向我们可以保护的客户端-服务器架构,但提供远程副本的需求意味着我们所能做的只是通过模糊安全来创建难题盒子,这对攻击者来说解锁的成本(从他们的时薪来看)比我们创建的成本要低。
我认为他们对这些裂缝的出现反应过度,推动开发团队在软件中引入更多检查,从而损害了生产力,甚至可能影响软件的稳定性,同时也未能解决问题。
举个例子来说明我的担忧:我最近和我们的一位开发人员谈论了一个依赖性问题,其中一些额外的许可证检查被嵌入到用户界面中,我鼓励将这些检查提取到特定层次。对方回复说:“如果我们把所有的许可证检查放在同一个地方,这不是更容易被破解吗?”
我意识到这可能是一个警示信号,我应该撤退,但我相信自己是一个有说服力的人,我想尝试一下。他们有点老派,所以我觉得需要采取温和的方式。大多数情况下,我希望将问题重新框定为“技术问题”变为“社会问题”,减少对模糊安全的关注,更多地关注追踪泄漏的来源,并通过许可证协议来执行后果。
因此,我向大家求助,希望能在这方面得到帮助。我想你们中的一些人可能曾经遇到过类似的情况,拥有我可以借鉴的经验,或者可能对我可以使用的各种资源有所了解。我想到的一个例子是大型在线游戏公司在面对瞄准机器人或其他作弊行为时所遇到的问题,这些市场中黑客的价值接近于零,而工程部门为防御所投入的资源却很高;这展示了这种方法的徒劳。然而,我有点担心,由于他们的老派思维,游戏可能不是他们会接受的例子。
相反,如果有人对简单的模糊处理和/或硬件加密狗之外的简单解决方案有任何建议,我也会非常感激,因为如果我能从他们的角度提出一些超出典型收益递减曲线的建议,这可能会有所帮助。
查看原文
Throwaway for obvious reasons. I've just begun a short term dev contract and I'm noticing a bit of a bump ahead that I worry might impede our ability to deliver the product.<p>The org sells to a very niche luxury market and distributes a native application at a high price. The execs at this company are extremely perturbed by the appearance of cracks of the software that appear sometime after every release. The issue is that our present architecture as a native application means the attacker already has root and we cannot protect any key, there are also domain specific reasons why some users will always need to be remote at some point. While I want to encourage the org to eventually move to a client-server architecture we could protect, the need to provide the remote copies means all we can do is create puzzle boxes via security by obscurity, that are cheaper to unlock for an attacker (in terms of their likely hourly rate) than for us to create.<p>I believe they are over-reacting to the emergence of these cracks by pushing the dev team to introduce more checks into the software and thereby harming productivity and potentially even stability of the software while also failing to solve the issue.<p>To give you an example of my fear; I was talking to one of our devs recently about a dependency issue where some extra license checks had been baked into the UI and I was encouraging better composition to extract these sorts of checks to a specific layer instead. They replied "but if we put all the license checks in the same place, won't that make it easier to crack?".<p>I appreciate this is probably a red flag and I should run but I believe myself to be a convincing person and I would like to try. They are a little old-school, so I feel like a gentle approach is necessary. For the most part I am wanting to attempt to reframe the issue from a "tech problem" to a "social problem" and focus less on adding more security by obscurity and more on tracking down where the leaks are coming from where consequences can be enforced via license agreements.<p>So I appeal to you all to help me with this endeavour. I imagine some of you have been in this sort of situation before, and have experience I could draw from, or might have knowledge of various sources I can use. The one that springs to mind for me is the issues that big online gaming companies have with aim-bots or other cheats in markets where the value of the hack is close to the zero and the resources of the engineering department trying to defend are high; to demonstrate the futility of the approach. However I worry a little, that given the old-schoolness at play that gaming might not be an example they will be receptive to.<p>Conversely, if anyone has any suggestions about low hanging fruit, outside of simple obfuscation and/or hardware dongles, this would also be appreciated, as it might help if I can also suggest something from their angle that beats the typical curve of severely diminishing returns.