4

I am looking to distribute a linux VM image (with a modified linux kernel to suit or product's needs) that runs some proprietary software that will already be on the VM I distribute. The goals is to let users run the VM locally on their own machines.

My question is, what are some good ways of protecting my proprietary software without making it too difficult for honest users to user our software?

I am aware that it is always possible to reverse-engineer anything I distribute but I was still hoping to add some measures to make it too tedious for malicious user to achieve that.

Some of the ideas I already have:

  1. Cryptographic signatures added to the VM or computed and uploaded to my server to compare against valid signatures to detect software modification.
  2. Encryption keys hidden/obfuscated in the boot partition that in turn decrypt the root fs.
Iszi
  • 27,127
  • 18
  • 101
  • 163
Iizanonymouz
  • 41
  • 1
  • Do you want to protect the image or the software on the image? – schroeder Oct 18 '15 at 15:51
  • I'm not really sure this is the right site for this question. You're question isn't really about information security, it's about protecting IP. Maybe Superuser.com would be better? – Neil Smithline Oct 18 '15 at 15:57
  • @schroeder Both. The software runs in kernel mode (for reasons that don't need to be debated here) and in usermode so technically, the image also needs to be protected. – Iizanonymouz Oct 18 '15 at 16:05
  • Once you give a computer to someone else, it is no longer your computer. I do not think your approach is feasible. – schroeder Oct 18 '15 at 16:08
  • Approach to protecting the image or my approach to the product in general? (As I said, I am already aware that it can be reverse-engineered.) – Iizanonymouz Oct 18 '15 at 16:10
  • Encrypt the rootfs and embed the key in the kernel? – miniBill Oct 19 '15 at 05:26

0 Answers0