Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It’s also what allows those same hackers’ dangerous malware to be deconstructed and neutered. Now a new encryption trick could make both those tasks much, much harder.
At the SyScan conference next month in Singapore, security researcher Jacob Torrey plans to present a new scheme he calls Hardened Anti-Reverse Engineering System, or HARES. Torrey’s method encrypts software code such that it’s only decrypted by the computer’s processor at the last possible moment before the code is executed. This prevents reverse engineering tools from reading the decrypted code as it’s being run. The result is tough-to-crack protection from any hacker who would pirate the software, suss out security flaws that could compromise users, and even in some cases understand its basic functions.
http://www.wired.com/2015/02/crypto-trick-makes-software-nearly-impossible-reverse-engineer/
(Score: 5, Interesting) by linuxrocks123 on Wednesday February 18 2015, @05:57AM
Nothing. It uses a well-known trick, called the TLB Split. Also, the CPU claims that the cold boot attack wouldn't work on it, but it would.
I posted a detailed analysis when this was discussed on Slashdot: http://slashdot.org/comments.pl?sid=6967529&cid=49051091
(Score: 3, Informative) by Kell on Wednesday February 18 2015, @07:08AM
Your analysis (and very polite response to idiot trolls) on the green site is well written and informative. I look forward to seeing more of your comments on Soylent!
Scientists ask questions. Engineers solve problems.
(Score: 0) by Anonymous Coward on Wednesday February 18 2015, @09:22AM
To my surprise, following that link I didn't get the beta design, but the old one. Did Slashdot finally drop beta?
(Score: 2) by kaszz on Saturday February 21 2015, @03:34AM
Asfaik that green mess just gives you a sane page sometimes. Kind of like jackpot on the casino. You won't win every time ;)
(Score: 2) by FatPhil on Wednesday February 18 2015, @09:32AM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 5, Funny) by q.kontinuum on Wednesday February 18 2015, @10:28AM
I think the right term is soylenced?
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 5, Funny) by Nerdfest on Wednesday February 18 2015, @11:06AM
I prefer "it has soyled itself".
(Score: 2) by FatPhil on Wednesday February 18 2015, @02:08PM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by FatPhil on Wednesday February 18 2015, @01:59PM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 0) by Anonymous Coward on Wednesday February 18 2015, @09:55AM
And oddly enough, the first time I try to visit Slashdot in the year since migrating here it spits out a 503 service offline error.
(Score: 2) by francois.barbier on Wednesday February 18 2015, @10:43AM
The website you linked doesn't appear to work.
It returns "503 Service Temporarily Unavailable" in the HTTP header.
It says "404 File Not Found" in the title bar.
It says "503 - Service Offline" in the page content
Sounds like great programming!
(Score: 2) by tibman on Wednesday February 18 2015, @06:41PM
Errors Beta.
SN won't survive on lurkers alone. Write comments.
(Score: 0) by Anonymous Coward on Wednesday February 18 2015, @05:13PM
On your Slashdot reply chain, you went over why DMA attacks through Firewire should in theory work, but can be blocked by disabling it in the firmware (usually fine because Firewire peripherals are not too common these days). However, under the responses about it also being an issue with PCI/PCI express, etc., I think something got missed: aren't most of the common/modern PCMCIA-cardbus (and whatever that smaller port that is replacing it is called) just hot-swappable PCI/PCI express? If so, that becomes a potential attack vector that is more commonly used (although it too is way less popular these days thanks to the overwhelming success of USB).
(Score: 2) by linuxrocks123 on Wednesday February 18 2015, @10:06PM
Yeah, evil PCMCIA cards might be an issue, but, like you said, the ports are becoming very rare. I think they can be disabled similar to FireWire, too, but I'm not 100% positive.
(Score: 2) by kaszz on Saturday February 21 2015, @03:36AM
Modern Cardbus is a PCI-express x1 lane (asfair).
Just build yourself a memory snoop client and have fun..