Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday February 18 2015, @04:55AM   Printer-friendly
from the cracker-jack-anti-crack-hack dept.

Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It’s also what allows those same hackers’ dangerous malware to be deconstructed and neutered. Now a new encryption trick could make both those tasks much, much harder.

At the SyScan conference next month in Singapore, security researcher Jacob Torrey plans to present a new scheme he calls Hardened Anti-Reverse Engineering System, or HARES. Torrey’s method encrypts software code such that it’s only decrypted by the computer’s processor at the last possible moment before the code is executed. This prevents reverse engineering tools from reading the decrypted code as it’s being run. The result is tough-to-crack protection from any hacker who would pirate the software, suss out security flaws that could compromise users, and even in some cases understand its basic functions.

http://www.wired.com/2015/02/crypto-trick-makes-software-nearly-impossible-reverse-engineer/

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday February 18 2015, @05:13PM

    by Anonymous Coward on Wednesday February 18 2015, @05:13PM (#146583)

    On your slashdot reply chain, you went over why DMA attacks through Firewire should in theory work, but can be blocked by disabling it in the firmware (usually fine because Firewire peripherals are not too common these days.) However, under the responses about it also being an issue with PCI/PCI express, etc I think something got missed: aren't most of the common/modern PCMCIA-cardbus (and whatever that smaller port that is replacing it is called) just hot-swappable PIC/PCI express? If so, that becomes a potential attack vector that is more commonly used (although it too is way less popular these days thanks to the overwhelming success of USB.)

  • (Score: 2) by linuxrocks123 on Wednesday February 18 2015, @10:06PM

    by linuxrocks123 (2557) on Wednesday February 18 2015, @10:06PM (#146728) Journal

    Yeah, evil PCMCIA cards might be an issue, but, like you said, the ports are becoming very rare. I think they can be disabled similar to FireWire, too, but I'm not 100% positive.

  • (Score: 2) by kaszz on Saturday February 21 2015, @03:36AM

    by kaszz (4211) on Saturday February 21 2015, @03:36AM (#147678) Journal

    Modern Cardbus is a PCI-express x1 lane (asfair).

    Just build yourself a memory snoop client and have fun..