Disclosure: On this site you won’t find specific advice on “how to call function xyz()”. Interpreting C++ ARM and #pragma dwim is also out of scope.

We’re treating our readers as intelligent beings who can use Google and/or StackOverflow, where all such specific questions were answered more than once.

What you will find is opinions, more opinions, and even more opinions on all the aspects of software development - and with a large chunk of them based on real-world experience too.

Your mileage may vary. Batteries not included.


Bot Fighting 201: Declarative Data+Code Obfuscation with Build-Time Polymorphism in C++

Quote: “Technically, what we’re looking for here, is any kind of bijection; we’ll use this bijection to convert our data from one representation into another one (and as it is a bijection, we can revert it later).”
Another Quote: “As we’re not writing our obf<> classes manually (instead, we have a code generator doing it for us on each build), the sky is the limit to the obfuscations we can generate.”

Are Top C++ Developers Migrating to Mac?

Quote: As Mac laptops are indeed very visible, we can easily review all conference videos on YouTube, and calculate a share of Macs used by speakers

Bot Fighting 103. Code Integrity Checks, Code Scrambling

Quote: “Bingo! We’ve got an executable, which automagically performs TONS of integrity checks, which checks are spread all over the executable, and are extremely non-obvious too.”
Another Quote: “This approach of ‘not revealing code until attack costs are high’ is certainly not limited to payments.”

Bot Fighting 102: System-Specific Kinda-Protection. Anti-Debugger, Anti-DLL-Injection, VM Detection.

Quote: “it is fundamentally impossible to prevent (or detect) debugging, at least as long we’re staying on one single box.”
Another Quote: “DON’T spend more than 10% of your overall anti-bot-fighting time budget on system-specific protections.”

Bot Fighting 101: Don’t Feed the Hacker

Quote: “Some of the system calls are not absolutely necessary, and using them will significantly simplify life of the attacker”
Another Quote: “Scrambling will help to protect your protocol even if the attacker manages to F.L.I.R.T. with your TLS library”

MOGs: Hacks and Hackers

Quote: “One of the nastier-for-us features of IDA Pro is so-called F.L.I.R.T.”
Another Quote: “All the popular protection methods lag well-behind capabilities of the average-attacker-on-a-100K-simultaneous-player-game.”

Merits of Anti-Reverse-Engineering for MOGs

Quote: “Given enough time, everything can be broken”
Another Quote: “in this fight, most of the non-cheating player population will be on our side”