Lädt...


🔧 Code Smell 284 - Encrypted Functions


Nachrichtenbereich: 🔧 Programmierung
🔗 Quelle: dev.to

Cryptic Code is Bad Code

TL;DR: Avoid obfuscated functions in your code.

This article is based on a real social hacking disguised as a job interview

Problems

  • Hidden vulnerabilities

  • Readability

  • Testability

  • Trust issues

  • Bad Naming

Solutions

  1. Use clear names

  2. Avoid obfuscation

  3. Explain intent clearly

  4. Review shared code

  5. Don't trust code from unreliable sources

  6. Avoid modification since it is a sign of Premature Optimization

Context

When you write functions with cryptic or obfuscated names, you make your code unreadable and untrustworthy.

This pattern often hides malicious intent or makes debugging and collaboration unnecessarily hard.

Cryptic code also frustrates team members and future maintainers, increasing technical debt and security risks.

Remember, hacking has a strong social component compared to what you see in Hollywood movies.

Sample Code

Wrong

function _0xaexad(_0x12bfc3, _0x43a1e9) {
  return _0x12bfc3 ^ _0x43a1e9;
}

const result = _0xaexad(0x1a, 0x2f);
console.log(result);

Right

function xorOperation(orValue1, orValue2) {
  return orValue1 ^ orValue2;
}

const result = xorOperation(26, 47);
console.log(result);

Detection

[X] Automatic

You can detect this smell by scanning your codebase for meaningless or obfuscated function names.

Use linters or code analysis tools to flag short, cryptic, or randomly named functions.

Manual code reviews can also help identify suspicious patterns.

Tags

  • Security

Level

[X] Intermediate

Why the Bijection Is Important

Readable and meaningful names create a one-to-one correspondence between the real-world concept and your code.

Breaking this connection makes your program confusing and error-prone.

AI Generation

AI generators sometimes produce cryptic function names, especially when they optimize for brevity or imitate obfuscated patterns.

AI Detection

AI tools can detect and fix this smell when you ask them to refactor unclear function names or enforce coding standards.

They can analyze your entire codebase and suggest meaningful replacements for obfuscated names.

Try Them!

Remember: AI Assistants make lots of mistakes

Without Proper Instructions With Specific Instructions
ChatGPT ChatGPT
Claude Claude
Perplexity Perplexity
Copilot Copilot
Gemini Gemini

Conclusion

Avoid obfuscating your function names.

Write code that communicates your intent.

When you prioritize readability, you make your software easier to understand, debug, and maintain.

Cryptic code might look clever, but it adds unnecessary complexity.

Relations

More Info

%[https://www.linkedin.com/posts/franco-aguilera-2583685a_the-code-challenge-scam-they-tried-to-hack-activity-7270114822950703107-K3DW/]

Disclaimer

Code Smells are my opinion.

Credits

Photo by Nikita Pavlov on Unsplash

The strength of a cryptographic system depends entirely on the strength of its weakest component.

Bruce Schneier

This article is part of the CodeSmell Series.

...

🔧 Code Smell 285 - Non-Imperative Functions Names


📈 30.18 Punkte
🔧 Programmierung

🔧 Functions of Commercial Bank: Primary Functions and Secondary Functions


📈 27.64 Punkte
🔧 Programmierung

🔧 STOP Writing Dirty Code: Fix The Data Class Code Smell Now!


📈 24.11 Punkte
🔧 Programmierung

🔧 Clean code: why boolean flags in function parameters are a code smell


📈 24.11 Punkte
🔧 Programmierung

🔧 Code Smell 280 - Spaghetti Code


📈 24.11 Punkte
🔧 Programmierung

🔧 Code Smell 258 - Secrets in Code


📈 24.11 Punkte
🔧 Programmierung

🔧 Code Smell 232 - Reusable Code


📈 24.11 Punkte
🔧 Programmierung

🔧 Code Smell 230 - Schrödinger Code


📈 24.11 Punkte
🔧 Programmierung

🔧 Code Smell 205 - Code in Destructors


📈 24.11 Punkte
🔧 Programmierung

🔧 Code Smell 184 - Exception Arrow Code


📈 24.11 Punkte
🔧 Programmierung

🔧 First-Class Functions, Higher-Order Functions, and Closures in Python – Explained with Code Examples


📈 21.57 Punkte
🔧 Programmierung

🔧 Code Smell 268 - Ternary Metaprogramming


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 200 - Poltergeist


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 251 - Collections Empty


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 267 - Objects Aliasing


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 197 - Gratuitous Context


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 250 - Premature Memoization


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 266 - Collection Aliasing


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 195 - Yoda Conditions


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 289 - Shy Visitor


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 249 - Constants as Numbers


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 265 - Linguistic Confusion


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 189 - Not Sanitized Input


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 288 - Unthrown Exceptions


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 283 - Unresolved Meta Tags


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 248 - Unreliable Copy


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 265 - Linguistic Confusion


📈 20.97 Punkte
🔧 Programmierung

🐧 Code Smell


📈 20.97 Punkte
🐧 Server

🔧 Code Smell 287 - Unused Local Assignment


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 282 - Bad Defaults


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 247 - Javascript Replace


📈 20.97 Punkte
🔧 Programmierung

🔧 Code Smell 264 - Hanlon's Razor


📈 20.97 Punkte
🔧 Programmierung

📰 Java 15: Sealed Classes - Code-Smell oder moderne Erweiterung?


📈 20.97 Punkte
📰 IT Nachrichten

🔧 Help Validate a Vue.js Code Smell Catalog!


📈 20.97 Punkte
🔧 Programmierung

matomo