home *** CD-ROM | disk | FTP | other *** search
- Path: keats.ugrad.cs.ubc.ca!not-for-mail
- From: c2a192@ugrad.cs.ubc.ca (Kazimir Kylheku)
- Newsgroups: comp.lang.c
- Subject: Re: Secure from Decompiling??
- Date: 31 Jan 1996 06:58:53 -0800
- Organization: Computer Science, University of B.C., Vancouver, B.C., Canada
- Message-ID: <4eo03dINN2b8@keats.ugrad.cs.ubc.ca>
- References: <4djaq2$jd5@earth.superlink.net> <310e83a8.14450560@netline-fddi.jpl.nasa.gov>
- NNTP-Posting-Host: keats.ugrad.cs.ubc.ca
-
- In article <310e83a8.14450560@netline-fddi.jpl.nasa.gov>,
- Kevin Quitt <kdq@emoryi.jpl.nasa.gov> wrote:
- >I'm going to assume this string is a password to allow operation of the
- >program. Any such comparison is easily thwarted by looking for where the
- >decision is made based on the comparison, and patching in an absolute jump.
- >The only way you can protect your code is to encrypt the code such that only
- >the password will properly decrypt the code (in RAM). Get the password and
- >unconditionally decrypt the code. Now just jump to the code. It'll either
- >work or blow up--not your problem. If you want to be nice, you can put
- >interrupt handlers in to catch the likely errors, and have your code decrypted
- >code remove them (but not immediately).
- >
- >This gives them no information, no shortcuts, and nowhere to trap and restart
- >to bypass the test.
-
- But you have to distribute the password to legitimate users. The best thing is
- to do, if you can, is to make up a new password for each copy of the program.
- Of course, if someone wants to crack the program, they just obtain a legit
- password and decrypt the code with your own algorithm, be it DES, IDEA or what
- have you.
-
- On UNIX systems, the superuser can even examine the code of programs that are
- running without using any special debugging tools. If I wanted to look for
- strings in the program, I'd just to go /proc/<pid>, say, and look at the
- virtual file which represents the memory image of the running process.
- --
-
-
