alt Hacker NewsIt's a cat and mouse game, it provides the desired level of security for people who use it. It isn't used to prevent people from finding vulnerabilities (not mostly at least). It's used to deter competition, prevent clones of the application,etc.. it's make-shift "DRM". There are ways to defeat even AI-assisted analysis running in a proper browser. But I think it's not a good idea to give anyone ideas on this subject. proper-DRM is hellish enough.
Was there ever an obfuscated JS code a human couldn't reverse given enough time? It's like most people's doors, it won't stop someone with a battering ram, but it will ideally slow them down enough for you to hide or get your guns. in this case, it won't even slow them down, until it does (hence: cat and mouse game).
>Was there ever an obfuscated JS code a human couldn't reverse given enough time?
I reverse malware for a living and no there wasn't. With some experience even the best obfuscation is actually pretty easy to defeat. But the goal of malware analysis is to extract some knowledge (what this code does, IPs, URLs, tokens). Getting a runnable, clean version would often be a long tedious work.