This entry has been moved to Chris’ personal blog
This entry has been moved to Chris’ personal blog
What if Great Britain, Germany, Italy, Sweden,… had WHS tamper-proofing technology?
Would the US be prevented from spying? We are not in the business of getting our military technology by copy-cat and espionage of our allies, I hope. They need to prevent their secrets from leaking, both to their and to our enemies. However, any others who spy on the above countries would have less success if WHS technology would be in place.
What if China had our tamper-proofing technology?
Would we be prevented from spying? Maybe. I doubt that puts us back a lot, I think our technology is ahead. It may put back some other countries. China may have slightly less motivation to speed up the arms race. Good for the Chinese people, good for us.
What if Russia had our tamper-proofing technology?
Would we be prevented from spying? Could be. A small price to pay for other countries spying on Russia having a harder job. Russia may have slightly less motivation to speed up the arms race. Good for the Russian people, good for us.
What if Iran, Iraq, ISIS…
I can’t see where that would cause real suffering for us, nor for anybody else, them included.
What if organized crime had our tamper-proofing technology?
We make code hard to reverse engineer, or to tamper with; we don’t make code easy to hide. (The bad guys depend strongly on hiding their stuff.)
What if the US would use our tamper-proofing technology?
Fewer secrets would be lost through reverse engineering. There would be less fear software sabotage. Our defense technology wouldn’t really be more potent, but it would last longer until it is outdated. Cyber-criminals would need to work harder on any software that has been protected with WHS technology. Less profit for cyber-criminals will certainly not cause more crime.
What if software producers, movie producers had our technologies to protect their copyrights? There could be more revenue where it belongs, and less revenue for stolen copies.
Recently a new cyber crime story gets reported every week. This week’s news on cybercrime is about an attack at Sony Pictures Entertainment, among other problems making movies publicly available, and creating substantial damage.
An important aspect of most cyber crime is the fact that hacks usually cannot be attributed to the real source. Just because a computer was attacked by another computer, maybe in North Korea or maybe somewhere else doesn’t confirm the real source. That computer may itself be an innocent victim and may have been used by another computer in some other part of the world. There can be a chain of tens and more computers. Even aunt Emma’s computer may be part of such a chain. Therefore it is a very bad idea for most people to start counterattacking cyber criminals by themselves.
This attack is different from old fashioned cyber-crime in what it tries to do. It is not simply stealing some money were the loss of the victim matches the gains of the criminal; it is not simply leaking credit card numbers. The loss to Sony is “strategic”: The loss for Sony isn’t what is gone and has been stolen. The loss in this case is directly hurting Sony in its ability to do further business. As of today, such crimes are common place in newspaper talk about state-actors, cyber-“terrorism” and in hype like cyber-“war”. What is new and unusual here is that such losses are inflicted on normal, commercial business enterprises.
Adding several layers of protection could significantly minimize the risk of such attacks. Obfuscation of your code as provided by White Hawk Software can be one of these protective layers.
For more about this incident see:
Headline of the day
Chinese military unit charged with cyber-espionage…
(Guardian and 10000 other news sources)
Will hacking indictment against Chinese stop theft of U.S. trade secrets?
(Business Journal)U.S. Charges Five Chinese Military Hackers with Cyber Espionage
(U.S. Department of Justice )
Another alternative could be…
3 guesses what other solutions White Hawk Software is thinking about?
new official reply
includes: An indictment is merely an accusation, and a defendant is presumed innocent unless proven guilty in a court of law.
We reached an interesting way-point: “We got to eat our own dog food”. We created a protection for the protection-tool. First the obvious: we need tamper-proofing for the same reason everybody else does. But the second point is more interesting: about every customer will ask us whether we protect our own tool. We just have to do it.
Of course we would have a good excuse: The majority of the NestX86 protection-tool is written in a high level, byte-coded language. Our product is about protecting machine-code in object files. That may be a very good excuse technically, but to our customers it may nevertheless feel lame.
We can’t really handle byte-codes, but we still had to fake it. Instead of writing another protection-tool, we made a custom-protection. It is a prime example for how good expert work and protection-design can make up for lots of automatic tools. We also learned the lesson we want our customers to learn: One can develop one’s own protection, but buying a tool is much cheaper. (We knew that before.)
We know our program. We know what parts we really want to protect. We know what parts might give most insight into the internal workings of the important parts. Our tools’ performance is so good, we can easily give away some computer cycles for the protection. Doing it manually, we can add some devious decoys. Not random decoys, but decoys aimed at the particular circumstances. In addition we can protect the base libraries together with the real tool. The quantity alone of the protected code should discourage most attackers. (How can an attacker crack the binary if the source code with all its documentation is still hard to comprehend?) We don’t randomly rename identifiers, but make sure our renaming causes confusion and some aliasing. A small number of artificial sub-classing, use of undocumented private algorithms and some multithreading should dot the i-s and cross the t-s. Not yet having a protection tool doesn’t mean we didn’t create a number of special-purpose hacks for modifications to our source code before compilation.
For now we skip semantics-preserving transformations, until we have a decent automatic analyzer and composer for byte codes. If we weren’t a penny pinching startup company we would have bought a tool from one of our competitors. The free tools we tried were too difficult to use for our program base. The grin of a competitors sales-person selling us a tamper-proofing tool would just have been completely unbearable.
Go try to hack our tool while there is still some possibility. With the next release, or maybe the after-next, you can forget that. Sorry, this is rhetorical only: For legal reasons the license for our tool prohibits reverse engineering of the tool.