This week, CraftBuzz presents the final article in The Price to Pay series: whether or not obfuscation is acceptable.
Let us start with the basic definition of obfuscation. In the programming world, obfuscation consists of masking the source code (which, as defined in our “Free versus Paid Plugins” article, is the raw, decompiled program) in order to prevent potential piracy or code stealing. There are various forms of obfuscation, but the most basic type consists of changing the function names to something less conspicuous (for example, findpassword might be turned into abcd). Obfuscation can be found in all types of software, but its usage on plugins has raised eyebrows amongst both users and developers. Why, specifically? Upon posing the question “Is Obfuscation Acceptable?” on Spigot, the user MiniDigger (who wrote a guide on deobfuscating plugins last year) responded with the following points: obfuscation decreases performance, limits debugging capabilities, creates problems when another user attempts to maintain it, and is an overall costly and time-consuming process that might not entirely protect one’s code. With that being said, is it still worth obfuscating code?
Advocates for open-source say otherwise. Obfuscated code promotes the creation of “hacky” methods to look into a program, says Spigot user Redrield. Users may sometimes wish to look at how a developer accomplishes a specific function; however, that would be impossible to do if the source code is illegible. Additionally, if the creator of the program was to abandon the project, it would be very hard for others to maintain it, since the code isn’t directly accessible.
Paid plugin authors state that while obfuscation may be able to partially protect resources against piracy, it will probably be bypassed by leakers. Therefore, developers should think twice prior to devoting precious time to methods that may be rendered useless eventually.
In response to the plagiarizing of many plugins, developers have often used obfuscation as a means of protecting their digital content. However, several users stated that the plugins typically worth obfuscating (premium, complex plugins) would be difficult to plagiarize without creating a blatant ripoff (such complicated programs have unique structuring that would be easily noticeable). It is true that in some cases it may partially prevent code copying, but with the problems outlined above in mind, obfuscation is still an idea worth thinking twice about.
Finally, to summarize what has been said: While obfuscation does indeed have certain benefits, the potential shortcomings greatly outnumber those advantages. Therefore, we can conclude that obfuscation shouldn’t be used in plugins.
It is true that most of the points presented are against the use of obfuscation; this is, however, due to content received from our occasional article thread on Spigot. While the poll stated that 32 users agree that obfuscation is in fact acceptable and 20 do not, the comments fail to accurately represent those viewpoints. I encourage any readers to voice their personal opinions in the comments below.