alt Hacker NewsNice. I have been working on something which utilizes obfuscation, honeypots etc and I have come to a few realizations-
- today you don't have to be a dedicated/motivated reverse engineer- you just need Sonnet 4.6 and let it do the work.
- you need to throw constant/new gotchas to LLMs to keep them on their tows while they try to reverse engineer your website.
The bar for reverse engineering dropped to "paste the HTML into Claude and ask it to decode." That's partly why the v2 roadmap moves toward techniques where the readable text never exists in the DOM at all. Static obfuscation patterns need to keep evolving or they become a one-prompt solve.