ionCube Logo
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


 
Post new topic   Reply to topic    ionCube Forum Index -> ionCube PHP Encoder

Potential New Customer - How do you rate IonCube?

Author Message
Mr TopGear



Joined: 22 Jun 2020
Posts: 1

PostPosted: Mon Jun 22, 2020 11:42 am    Post subject: Potential New Customer - How do you rate IonCube? Reply with quote

Hi all,

I have been looking around for a mechanism to protect my php source code; up until this point I have not needed to do this so this is my first venture into this area. Obviously I like to do my research as this potentially could cost me a lot of money.

So I have a couple of questions that I tried to direct in an email a few weeks ago here but maybe the forums are the place to get some decent answers. Unfortunately this maybe a long post.

Firstly how good is ion cube, both on performance and security perspectives and also with keeping upto date with the latest php releases.

I have a few concerns in each of these areas.

1. Keeping up with latest php releases

I am currently developing for php 7.4 with a view to keeping my code ready to go for php 8. I maintain the servers the code runs on so I do not need to worry about legacy systems however I can see that ioncube does not support this version yet even though it came out on 28 November 2019 (207 days as of this post). This is a long time to wait for a supported release. I can see php 8 is estimated for release on 26 November, 2020 so if I buy ioncube now will it support php 8 or will I need to pay for an upgrade? How much will this cost? That is if support for 7.4 even comes out before php 8 release.

2. How will php 8 JIT compiler impact securing php source code

3. How secure is your source code after it is converted into bytecode. Is it possible to obtain the original source code?

Looking around to see if anywhere is offering to crack ioncube or reverse engineer files back to source; I can see several people offering these services for a small fee. This tells me that it isn't as secure as advertised. Obviously I wont post the links here

I also found a research paper entitled "Security Analysis of PHP Bytecode Protection Mechanisms" by Dario Wei├čer, Johannes Dahse , and Thorsten Holz that talks about
reverse engineering method that they used to do this.

4. I can see cracks attacking the ioncube loader to circumvent the licensed domain/ip/mac lock dated 2016

So can the bytecode protection offered be circumvented to obtain the source code? Have there every been cases that this has been done? How good is this product?

Thanks
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    ionCube Forum Index -> ionCube PHP Encoder All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum