chris
March 15th, 2012, 17:48
I'm not quite sure I chose the right forum, but here are my questions anyway.
I am writing a tool which prevents reverse engineering. (I am an expert tool writer, but a beginner in reverse engineering).
Question 1) How can I become trusted as good guy and not just one more person requesting malware (to use)?
Question 2) Any experienced opinions what to do, so that my tool can be used for good purposes, but be difficult to use to create malware?
For a starter, I already have some "tricks":
I would love to hear whether these measures would be safe enough or useless to prevent/reduce creation of malware. Even better: maybe somebody has more or better ideas how to accomplish that.
Question 3) I'm always looking for juicy tricks, easy for automatic generation. This will eventually become my next question, after question 1) is answered.
I promise to eventually send a "crackme" (minus the best tricks), but for now the tool is still too simple to make this interesting.
Chris
C h r i s J a c o b i
j a c o b i a t a c m d o t o r g
Please be careful when replying to the bulletin board; I would love to be "verifiable", but not searchable/findable yet.
I am writing a tool which prevents reverse engineering. (I am an expert tool writer, but a beginner in reverse engineering).
Question 1) How can I become trusted as good guy and not just one more person requesting malware (to use)?
Question 2) Any experienced opinions what to do, so that my tool can be used for good purposes, but be difficult to use to create malware?
For a starter, I already have some "tricks":
The output of my tool does NOT hide its being obfuscated. The obfuscation is easy to recognize, in spite of (hopefully) being almost impossible to reverse engineer.
The generated code is too long to hide in small places.
(Possibly ?) The tool could embed a visible watermark, so anybody could know how the obfuscated code was created.
(Possibly ?) The tool could embed an (invisible?) watermark with a serial number. Each buyer would get a new serial number. (Would buyers care? How could I get good enough identifications that this would be worth doing?)
I would love to hear whether these measures would be safe enough or useless to prevent/reduce creation of malware. Even better: maybe somebody has more or better ideas how to accomplish that.
Question 3) I'm always looking for juicy tricks, easy for automatic generation. This will eventually become my next question, after question 1) is answered.
I promise to eventually send a "crackme" (minus the best tricks), but for now the tool is still too simple to make this interesting.
Chris
C h r i s J a c o b i
j a c o b i a t a c m d o t o r g
Please be careful when replying to the bulletin board; I would love to be "verifiable", but not searchable/findable yet.