ObfusFAQ [phpwiki]

What does this service do?

Short answer: It turns spaghetti into dogshit.

Long answer: It tries to (further) reduce the comprehensibility of your perl code by:

  1. Removing comments
  2. Removing whitespace (including newlines!)
  3. Encoding strings into hex
  4. Substituting all meaningful symbols (scalars, arrays, functions, etc.) into random garbage.

Why is this useful?

  1. Impress your peers
  2. Confuse your enemies
  3. Compress your code
  4. Annoy your clients
  5. Frighten your boss
  6. ?
  7. Profit!

How does it work?

The obfuscation happens inside a patent pending Perl analysis engine using a rule based machine learning expert system and genetic optimization algorithms running on top of a massively distributed scalable computing platform for the enterprise.

This proprietary uglification technlogy allows you to outsource many forms of Perl nastiness to The Perl Obfuscation Service while focusing your business on it's core incompetencies.

The Perl Obfuscation Service - we makes Perl (even more) ugly, so you don't have to.

Seriously, how does it work?

The implementation is too nasty to discuss. It involves recursive, mind boggingly complex use of the most subtle and arcane features of Perl's regular expression engine. Let's not go there.

How powerful is the obfuscator, will it handle all Perl constructs?

It's pretty powerful, but Perl has an insanely complex syntax, so some constructs may be ignored or mishandled. I kept working out the bugs until it was powerful enough to obfuscate itself recursively an arbitrary amount of passes. This is telling, as the code for the obfuscator uses alot of very complex Perl constructs itself.

What constructs are mishandled?

(To my knowledge)

The multiline string syntax
    $s = <<EOF;
Regular expressions that try to match whitespace by specifying whitespace
    # Tries to match three spaces
    $s =~ /   /;
    # Use this instead:
    $s =~ / {3}/;

How do I obfuscate code spanning multiple files/modules?

The easiest way is to rearrange the code into one big file, and submit that. Submitting the various files seperately may not work as the symbol names are mangled randomly for each file. (which breaks things)

I'm thinking of changing the obfuscator to support tarballs, if the demand is large enough, and I have time. Later.

How do I obfuscate a package while keeping the API intact?

I'm thinking of adding a feature which allows you to specify a list of symbols which the obfuscator will not mangle. For now, the workaround is to identify the mangled symbols in your code and search/replace them according to your API.

Why aren't you releasing the source for the obfuscator?

  1. I am deeply ashamed of how incredibly ugly it is.
  2. I don't think releasing an obfuscator to an already ugly language is A Good Thing. I'm putting evil on a leash here.

I found a bug, what do I do?

Don't panic. Send me a snippet of code that demonstrates the bug (ContactLiraz)

In the meanwhile, you can either fix the obfuscated code yourself, or change your code to work around the bug. (use a different, functionally equivalent construct. Experiment!)

    follow me on Twitter