Hello ,
I need your opinion on how to protect an excel file with macros while the file is been downloaded from an internet site.
I started earlier looking at compilers ... dowloaded two demos ... one worked but only partly (encoutered too many problems)
I then visited this site : J-Walk & Associates. and downloaded a file and got the attachment I include here.
Can any of you experts agree that this is the best way to protect the file from tampering ?

If yes ... what is it ? Where can one purchase this software ?
I've read about Verisign ... I will include this too.

Many thanks

Where is the attachement?

What URL for Walk?

Verisign doesn't protect your code, just shows that the file hasn't been tampered with since uploading, and if you are happy with this supplier, then you shoud feel confident in downloading the file.

I see what happened .... I tried to upload the file again and notice this:
timesht.exe:
Invalid File

The URL for it is :http://www.j-walk.com/ss/excel/files/timesht.htm (http://http://www.j-walk.com/ss/excel/files/timesht.htm)

What I need is to purchase the software that converts the excel file into an exe one.
The file I have has macros in it.
I will also purchase a license from Verisign to protect the file from tampering.

If one cannot compromise an exe file then I can do without it I guess .

Thank you for your reply.

What you are seeing there is not a product that converst a spreadsheet into an exe, it is just something that packages a spreadsheet into an exe for installing. Once you install it, it gets unpacked into a regular timesheet.

It is simple to compromise VBA. The best way to write secure code is to write it in VB.

There is a free program I used to convert from XLS to EXE is called XLtoEXE and is at http://orlando.mvps.org/index.asp#XLtoExe. It just seems to create another instance of Excel and open a workbook within
that (apparently there may be a switch that allows the current excel instance to be run). Trying to access a password protected project seems to close it down, but the Excel instance seems a big overhead (Excel 2007 is about 4 times memory basic of 2003). Other than that, it bypasses Excel security warning (good idea?), and hidesthe code.

BTW, you did a lousy job of setting up a link to John's site, you gave http://http//www.j-walk.com/ss/excel/files/timesht.htm

http://www.j-walk.com/ss/excel/files/timesht.htm (http://www.j-walk.com/ss/excel/files/timesht.htm)
is copied from my toolbar when at the correct URL ... not sure why somehow it changes destination when pasted here ... maybe it is something for the moderator to find out just in case it is a problem with this screen I am typing this message in.

I thank you for your reply and would like to clarify more if I may.
I am not trying to protect the code, but rather to protect the container like you describe it.

So the question is : Is the container secure? , how could it be compromised ? The way I see it to compromise the file with malicious code, the person doing it would have to get inside the web site, and replace the "good" file with a tampered copy. Is this possible ?

Or is it done another way ? I mean the download takes nanoseconds so to tamper with it while being downloaded seems to me farfetched, but then again what do I know.

BTW tried the URL I just posted and it works now ... checked (without wearing my glasses) and it looks identical to the one posted earlier ????

If I copy and paste the earlier address in Notepad I get an extra : HTTP so that's teh problem ... mea culpa

I think you have to take a pragmatic approach. Who would want to compromise your code, and why? Most hackers are after b ig fish, I doubt any of us fit that category.

XLD , Downloaded XLS to EXE and converted the file to an EXE. It appears to me that the password protection on the file is great . So is this the solution then ?
One more thing about the container ... desirable if I can give it an icon of my choice ... and willing to spend the money just for that....
Thank you very much for your help in this.

Sorry XLD, was typing while you were posting.
I agree with you that the notion of a hacker taking interest in tampering with the code is almost non existant . What I'm trying to do is put the person that might chose to download the file at ease vis a vis the integrity of the file (hense the decision to obtain a license from Verisign) ... as for the bypass of the macro security prompter and I assume this is a byproduct of the conversion I find it selfishly in my case desirable.