Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Encryption Method Fights Reverse Engineering

Posted by Soulskill on from the with-many-obfuscations,-all-bugs-are-deep dept.

New submitter Dharkfiber sends an article about the Hardened Anti-Reverse Engineering System (HARES), which is an encryption tool for software that doesn't allow the code to be decrypted until the last possible moment before it's executed. The purpose is to make applications as opaque as possible to malicious hackers trying to find vulnerabilities to exploit. It's likely to find work as an anti-piracy tool as well. To keep reverse engineering tools in the dark, HARES uses a hardware trick that’s possible with Intel and AMD chips called a Translation Lookaside Buffer (or TLB) Split. That TLB Split segregates the portion of a computer’s memory where a program stores its data from the portion where it stores its own code’s instructions. HARES keeps everything in that “instructions” portion of memory encrypted such that it can only be decrypted with a key that resides in the computer’s processor. (That means even sophisticated tricks like a “cold boot attack,” which literally freezes the data in a computer’s RAM, can’t pull the key out of memory.) When a common reverse engineering tool like IDA Pro reads the computer’s memory to find the program’s instructions, that TLB split redirects the reverse engineering tool to the section of memory that’s filled with encrypted, unreadable commands.

10 of 215 comments (clear)

  1. Already sloved by PPH · · Score: 4, Funny

    I keep my code undeadable with a liberal use of goto statements.

    --
    Have gnu, will travel.
    1. Re:Already sloved by halivar · · Score: 4, Funny

      I keep my code undeadable with a liberal use of goto statements.

      You made an infinite loop with goto?

    2. Re:Already sloved by BronsCon · · Score: 5, Funny

      Is that your goto solution for preventing reverse engineering?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    3. Re:Already sloved by fahrbot-bot · · Score: 3, Funny

      I keep my code undeadable with a liberal use of goto statements.

      I store my undeadable code using a Walking Dead technique, whereby the binary code is reaped from the the return statuses of zombie processes killed at the last possible moment ...

      --
      It must have been something you assimilated. . . .
    4. Re:Already sloved by wonkey_monkey · · Score: 3, Funny

      That's a terrible joke. Goto your room!

      --
      systemd is Roko's Basilisk.
    5. Re:Already sloved by mr_mischief · · Score: 5, Funny

      Hardware by Intel, code by Escher.

  2. Well, that's it...better pack up hackers... by NotDrWho · · Score: 5, Funny

    That's it. They've finally come up with uncrackable software. I guess all the hackers will just have to pack their bags and find another hobby now. It was a good many decades while it lasted. But now it's clearly over. Congrats to Jacob Torrey on doing what no one else has ever been able to do! No way this will ever be cracked. He's beaten us all.

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
  3. Re:Bring it on, folks! by halivar · · Score: 4, Funny

    Ah, but count-up's are indefinite. Now they won't find it until they count to a million or something. Should have counted down, but now it's too late...

  4. Re:Bring it on, folks! by sexconker · · Score: 4, Funny

    So are count-downs. 3, 2, 1, 0, -1...

    So are count-tos.
    1, 2, 2 and a half, 2 and three quarters...

  5. There is a much simpler way to do this. by 140Mandak262Jamuna · · Score: 4, Funny
    Hire a few Indian H1-Bs supplied by Wipro or Infosys or Cogniscent. The code they write is impossible for anyone to decode even if you discolose the the source code and the design specs.

    Venkat!!! Why on God's good name are you passing the reference to a pointer to a function as a construction argument?!?!?! aarggghhhh!

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact