DEV Community


Discussion on: How to encrypt strings & files in your source code?

bartosz profile image
Bartosz Wójcik Author

Everyone is using encryption, in one form or another. I have seen many, many legit applications with encryption for simple messages, just to hide it from prying eyes. Encryption is used everywhere. To hide configuration settings, to hide database contents, to hide proprietary project formats. Most deployed JavaScript source codes on the web are either obfuscated (with some sort of encryption for strings and variables) or minified.

Thread Thread
moopet profile image
Ben Sinclair

Most deployed Javascript is minified, not obfuscated.
Encryption is used mostly to secure communication between two parties or to restrict who can play your media (like DRM). I can't think of any use case for it in things like hiding configuration settings or database contents. The fact is, if your client-side code has to decrypt something, then the decrypted version exists on the client's computer, rendering the encryption moot.

Thread Thread
bartosz profile image
Bartosz Wójcik Author • Edited

Well Ben you didn't understand the purpose of this extension, it's not meant to replace traditional encryption algorithms like AES but to provide quick help for regular developers to hide simple things from curious users who might want to sniff around your source codes.

Encryption is used everywhere Ben. I did native, web, mobile development and everyone is using some forms of encryption. Communication channels encryption, messages encryption, database encryption (in automotive software for example), executables encryption to prevent cracking of software, configuration files encryption to prevent someone from tampering with the settings (a lot of games is doing that, also for static configurations), secret endpoints encryption, database connection strings encryption in desktop apps, static project files encryption to prevent patching it or easily stealing its content. Plenty of encryption everywhere.

Every decryption code gets executed at some point, no matter if you use AES, external DLL libraries in native apps or my solution.