10 replies to this topic

[mohd]

I'm new to this, but I'm wondering if anyone knows a good way to help protect programs from reverse engineering and decompilation. I've seen some software but not all of it looks that good and if it somehow works the exe is no longer working or just too slow to do anything, or freezes the computer completely. Thanks in advance!

Edited by Alexander, 15 December 2010 - 09:18 PM.
(removed spam link sig)

[WingedPanther73]

Ultimately, the functionality of a program can almost ALWAYS be reverse-engineered. It may take a while for some items, but the code is simply there. In addition, a decompiler just works. You program is ultimately in a readable form, even though most people don't know machine language. You would probably do better to put your energy into adding features, not obfuscating your compiled code.

[Generic]

I have heard only reverse engineering about the .net. We use .net reflector.

If you use .net reflector or a java decompiler you can get the source code if you're disassembling an exe that doesn't run off of some sort of VM you'll get assembly
If you want to see a higher level view of assembly there's something called Hexrays that's a plugin for IDA that will give you C(I believe) code.

@OP:
I've heard of chunks of assembly you can add that would crash common disassemblers like Olly, or IDA. But like what WingedPanther said there's always going to be a way that your code can be reverse engineered. There's also other solutions that can help deter reverse engineering attempts like Themida or packers.

[gregwarner]

It's similar to the problem with trying to prevent digital movies and songs from being copied. The media is simply there, and it has to be executed/played at some point. If you have some IP or trade secrets in your code that you don't want to be discovered, consider a hosted service in which your customers download some client software which interfaces with your servers. That way, your sensitive algorithms can be protected by keeping them and executing them on your machines while providing just the I/O for those algorithms to your customers.

[Smilex]

There's no use in trying to prevent reverse engineering, by any digital protection system. Although some indie games have managed to get people from illegally downloading the game and instead buying it, using marketing and whatnot. Since torrents are the main source for illegal products, Wolfire games actually got some more buyers by simply releasing their indie bundle in a torrent format, supposedly that worked.

[lethalwire]

It's similar to the problem with trying to prevent digital movies and songs from being copied. The media is simply there, and it has to be executed/played at some point. If you have some IP or trade secrets in your code that you don't want to be discovered, consider a hosted service in which your customers download some client software which interfaces with your servers. That way, your sensitive algorithms can be protected by keeping them and executing them on your machines while providing just the I/O for those algorithms to your customers.

Using a real-world example: some form of digital rights management. Some game companies are requiring that you register your game online and STAY online while playing it.
It's rather ironic because I can see how adding this type of drm can influence the usage of illegal torrents.

I agree with everyone, reverse engineering your software can take time, but it can be done.
You could try to make your software really cheap and easily accessible ( via d/l instead of buying in-store ).

I like the idea Steam or Direct2Drive has setup. You can simply pop your credit card # in and buy/download/play a game almost instantly. And they'll usually have good/decent sales on games, so it's really worth buying over pirating.

In any case, think of the preventative measures you'll take against pirating/cracking your software.

[Smilex]

Steam games are being reverse-engineered all the time. Making you stay online does not prevent the reverse engineers from doing what they do, I can imagine it encouraging them more, as only the best can do it, so you can easily get recognition if you can do it.

[lethalwire]

Steam games are being reverse-engineered all the time. Making you stay online does not prevent the reverse engineers from doing what they do, I can imagine it encouraging them more, as only the best can do it, so you can easily get recognition if you can do it.

The point was that Steam has some ridiculous sales where I'd rather buy than pirate.

[alma111]

Code Signing as Reverse Engineering Protection
In my last post I spoke about reverse engineering .NET assemblies upon which Gregory asked how to protect his code against it.

Initially I thought signing an assembly would be the easiest way to prevent this, and my first tests confirmed this. I signed the CrackMe from my previous post and tried modifying it again, unsuccessfully.

But in the end Code Signing your assembly proved to be useless against reverse engineering.

[bbqroast]

Be nice, Be nice, Be nice
Thats the only way you can do it, if I see someone with Flash 8 I'll live on but when I see pirated Minecraft it makes me sad! Why? Because Notch is a one person developer who deserves the money, all I see when I look at Adobe is a giant corporate logo- When someone says Mojang I think of the pictures of people ripping up the offices dirty carpets.

Also make features only registered players can use (for example most big servers can only be played by registered users who have paid- otherwise the server admins could have fakes logging in under their name!).

[LogicNP]

In the .Net universe, decompiling is especially easy given the well documented .Net metadata format. There are even ready-made tools which can view the entire source code in the exe/dll . So obfuscating your .net exes and dlls using something like Crypto Obfuscator is extremely crucial. Obfuscation offers reasonably good protection - in the end, nothing is RE-proof, but this is as good as it gets.