IT Hare on Soft.ware

Disclosure: On this site you won’t find specific advice on “how to call function xyz()”. Interpreting C++ ARM and #pragma dwim is also out of scope.

We’re treating our readers as intelligent beings who can use Google and/or StackOverflow, where all such specific questions were answered more than once.

What you will find is opinions, more opinions, and even more opinions on all the aspects of software development - and with a large chunk of them based on real-world experience too.

Your mileage may vary. Batteries not included.

Bot Fighting 103. Code Integrity Checks, Code Scrambling

Quote: “Bingo! We’ve got an executable, which automagically performs TONS of integrity checks, which checks are spread all over the executable, and are extremely non-obvious too.”
Another Quote: “This approach of ‘not revealing code until attack costs are high’ is certainly not limited to payments.”

Bot Fighting 102: System-Specific Kinda-Protection. Anti-Debugger, Anti-DLL-Injection, VM Detection.

Quote: “it is fundamentally impossible to prevent (or detect) debugging, at least as long as we’re staying on one single box.”
Another Quote: “DON’T spend more than 10% of your overall anti-bot-fighting time budget on system-specific protections.”

Bot Fighting 101: Don’t Feed the Hacker

Quote: “Some of the system calls are not absolutely necessary, and using them will significantly simplify life of the attacker”
Another Quote: “Scrambling will help to protect your protocol even if the attacker manages to F.L.I.R.T. with your TLS library”

MOGs: Hacks and Hackers

Quote: “One of the nastier-for-us features of IDA Pro is so-called F.L.I.R.T.”
Another Quote: “All the popular protection methods lag well-behind capabilities of the average-attacker-on-a-100K-simultaneous-player-game.”

Merits of Anti-Reverse-Engineering for MOGs

Quote: “Given enough time, everything can be broken”
Another Quote: “in this fight, most of the non-cheating player population will be on our side”

Real-World 802.11ac Wi-Fi Testing: 7×6 Routers-x-Adapters Matrix. Part III. Results and Conclusions

Quote: “There is no such thing as ‘the best router’; strictly speaking – you need to test each specific pair of (router,adapter) to get anywhere-reliable results.”
Another Quote: “with that limited data we have now, I’d rather stay away from Realtek-based adapters.”