As a paranoid developer, there’s always a chance that my source code will fall into the wrong hands. At which point, something I wrote as a hack, or that hasn’t been tested fully, finds its way onto a 0day warez site, or past around a geek clan as a prize possession and used to barter to more warez. If you want some useful code then wait for the genuine release. If you want an embarrassing display of poor coding style look on the internet for my old work! BTW, I’ve learnt a lot since 1993 when I released my first fractal generator.

So to minimize the potential, I’ve developer “Secure Source.” This constitutes a single header file that should be included in every file in your project, and a SAFEFILE macro invoked in every source file. Then, once the program exits it deletes all those source files.

The implementation (in C++ only) works by invoking the constructor of a new class for every source file, and destroying that file when the destructor is called. My current version (found here and here) uses a common class, CSecureLogger to hold references all to all files to limit the code footprint slightly. However, there is a technique using a single class, where each file creates a unique instance of class.

The current, known, problems are:

• Doesn’t delete header files.
• Needs an explicit invocation (with the SECURE_MAIN macro) to declare the two variables. (Note: the single class technique doesn’t have this problem.)
• There’s no way to delete the application binary itself, since the operating system keeps a lock on it, until the execution has finished.

I hope to conjure up some inspiration (and time!) with which to conquer these problems.

And yes – I did manage to destroy my master sources while testing the code. Twice! I’m glad I learnt to take back-ups…