Uncrackable Software?


uberwaldo
Member
Registered: 04.12.13 12:49
Timezone: UTC +0
Posts: 5

How do I develop an application that is less vulnerable to cracks and patches? What are the industry default measures to deal with that?


uberwaldo
Member
Registered: 04.12.13 12:49
Timezone: UTC +0
Posts: 5

How do I develop an application that is less vulnerable to cracks and patches? What are the industry default measures to deal with that?


Senzon
Member
Registered: 25.05.12 19:13
Timezone: UTC +3
Posts: 17

I wasn't aware software could be vulnerable to patches since those usually fix things smile.

But I think for security measures it depends a lot on the kind of application you're making, where it'll be used, and with what technologies it's constructed.

I would definitely say a great resource for learning more about vulnerabilities is OWASP.


Senzon
Member
Registered: 25.05.12 19:13
Timezone: UTC +3
Posts: 17

I wasn't aware software could be vulnerable to patches since those usually fix things smile.

But I think for security measures it depends a lot on the kind of application you're making, where it'll be used, and with what technologies it's constructed.

I would definitely say a great resource for learning more about vulnerabilities is OWASP.


uberwaldo
Member
Registered: 04.12.13 12:49
Timezone: UTC +0
Posts: 5

Senzon wrote:
I wasn't aware software could be vulnerable to patches since those usually fix things smile.

You can either create patches for the software or cracks for it. They're different in the sense that a crack replaces files and a patch adds compiled code dynamically.

Senzon wrote:
But I think for security measures it depends a lot on the kind of application you're making, where it'll be used, and with what technologies it's constructed.
I would definitely say a great resource for learning more about vulnerabilities is OWASP.

I have checked OWASP, but it has very few information on reverse engineering defense. Isn't there a way to obscure ASM information that debuggers like ollydbg read? Most professional applications make use of encodings that make ollydbg inoperable for example, I'd like to do the same to my software but with secure encodings.

I'd like to know if I can make reverse engineering tasks more difficult basically.


uberwaldo
Member
Registered: 04.12.13 12:49
Timezone: UTC +0
Posts: 5

Senzon wrote:
I wasn't aware software could be vulnerable to patches since those usually fix things smile.

You can either create patches for the software or cracks for it. They're different in the sense that a crack replaces files and a patch adds compiled code dynamically.

Senzon wrote:
But I think for security measures it depends a lot on the kind of application you're making, where it'll be used, and with what technologies it's constructed.
I would definitely say a great resource for learning more about vulnerabilities is OWASP.

I have checked OWASP, but it has very few information on reverse engineering defense. Isn't there a way to obscure ASM information that debuggers like ollydbg read? Most professional applications make use of encodings that make ollydbg inoperable for example, I'd like to do the same to my software but with secure encodings.

I'd like to know if I can make reverse engineering tasks more difficult basically.


chess_rock
Member
Registered: 19.11.11 22:52
Timezone: UTC +0
Posts: 16

You're talking about something like executable compression?

http://en.wikipedia.org/wiki/Executable_compression


chess_rock
Member
Registered: 19.11.11 22:52
Timezone: UTC +0
Posts: 16

You're talking about something like executable compression?

http://en.wikipedia.org/wiki/Executable_compression