As you just learned in the previous use-case, a source code can be unvahunzed. There is no possibility to avoid this, as there is no possibility that somebody reverse-engineers a binary.
Still, unvahunzing is a lot of work, and here are some hints how you can make it even harder. The main goal is: if someone views the source code, he should not see anything familiar.
If you use --random-seed, change the random seed with at
least every public release. Otherwise, it would easily be possible to
use a diff tool, and unvahunz only the new parts
again.
Avoid string constants. If your application is localized and reads most strings from external catalogs, this should be the case already. If not, declare string constants in other places then they are used.
Split string constants. For example, instead of
char *some_text = "hello";use
char *some_text = "hel" "lo";If now somebody scans the source for
hello, he will not
find anything.
Avoid calls to standard functions like printf, as they
can not be vahunzed. Instead, write your own substitutes, or simply use
defines:
#define my_printf printf #define my_OpenWindow OpenWindow #define my_IDCMP_REFRESHWINDOW IDCMP_REFRESHWINDOW
Now start to use my_printf where ever a
printf is used. If you think it is too much work to
update your whole source for that, then consider this the perfect time
for The Great Renaming.
Redefine (or typedef) basic types and keywords like
char and while:
#define CHAR char #define WHILE while
However, most of these things are trivial to unvahunz. Almost any programmer can write a tool that concatenates splitted string constants, automatically merging "hel" "lo" to "hello" again.