Software Protection: Shuffeling my application?

Posted by Martijn Courteaux on Stack Overflow See other posts from Stack Overflow or by Martijn Courteaux
Published on 2010-06-09T15:55:20Z Indexed on 2010/06/10 6:12 UTC
Read the original article Hit count: 241

Filed under:

assembly

|

obfuscation

|

copyright

|

software-protection

Hi,

I want to continue on my previous question: http://stackoverflow.com/questions/3007168/torrents-can-i-protect-my-software-by-sending-wrong-bytes

Developer Art suggested to add a unique key to the application, to identifier the cracker.
But JAB said that crackers can search where my unique key is located by checking for binary differences, if the cracker has multiple copies of my software. Then crackers change that key to make them self anonymous.

That is true.

Now comes the question: If I want to add a unique key, are there tools to shuffle (a kind of obfuscation) the program modules? So, that a binary compare would say that the two files are completely different. So they can't locate the identifier key.

I'm pretty sure it is possible (maybe by replacing assembler blocks and make some jumps).
I think it would be enough to make 30 to 40 shuffles of my software.

Thanks

© Stack Overflow or respective owner

Related posts about assembly

More information wanted on error: CREATE ASSEMBLY for assembly failed because assembly failed verif

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a small application that uses SQL Server 2005 Express with CLR stored procedures. It has been successfully installed and runs on many computers running XP and Vista. To create the assembly the following SQL is executed (names changed to protect the innocent): CREATE ASSEMBLY myAssemblyName… >>> More
Installed SQL Server 2008 and now TFS is broken.

as seen on Server Fault - Search for 'Server Fault'
Hi, My W2K3 server was running TFS 2008 SP1, SQL Server 2005 Development edition. I installed SQL Server 2008 Standard. I installed it while leaving SQL Server 2005 alone. Upgrading was not possible due to the differences in editions of the SQL Servers. Now TFS is broken. On a client computer… >>> More
How to Specify AssemblyKeyFile Attribute in .NET Assembly and Issues

as seen on Microsoft .NET Support Team - Search for 'Microsoft .NET Support Team'
How to specify strong key file in assembly? Answer: You can specify snk file information using following line [assembly: AssemblyKeyFile(@"c:\Key2.snk")] Where to specify an strong key file (snk file)? Answer: You have two options to specify the AssemblyKeyFile infromation. 1. In… >>> More
Assembly Language Question: Display Characters to screen LIFO (Last In First Out) in assembly langua

as seen on Stack Overflow - Search for 'Stack Overflow'
Given a stack that displays characters to the screen First in First Out(FIFO), how do you switch it to display them Last in First Out(LIFO). Theoretically speaking... is it simply just sending the characters to print in reverse order? >>> More
c# - can you make a "weak" assembly reference to a strong named assembly

as seen on Stack Overflow - Search for 'Stack Overflow'
hi, for various reasons i would rather not use strong named (signed) assemblies in my project. however, one of the projects is referenced by a sharepoint web part which means it must be signed. is it possible to have this assembly signed but when I reference it from other projects, to do so using… >>> More

Related posts about obfuscation

Does obfuscation affects performance?

as seen on Stack Overflow - Search for 'Stack Overflow'
Does obfuscating a Java program affect its performance (excluding renaming things)? >>> More
Injection with google guice does not work anymore after obfuscation with proguard

as seen on Stack Overflow - Search for 'Stack Overflow'
Has anyone ever tried to combine the use of google guice with obfuscation (in particular proguard)? The obfuscated version of my code does not work with google guice as guice complains about missing type parameters. This information seems to be erased by the transformation step that proguard does… >>> More
Android and obfuscation

as seen on Stack Overflow - Search for 'Stack Overflow'
Is there anyone here who have real-world experience on this topic and is willing to share his experiences on subject? Links to guides/code/step-by-step instructions are highly appreciated. Thanks! >>> More
{smartassembly} Software for Code Obfuscation

as seen on Microsoft .NET Support Team - Search for 'Microsoft .NET Support Team'
{smartassembly} is a tool for ensuring that the source code your commercial .NET application isn't visible to anyone with .NET Reflector. Matteo Slaviero, who writes for us about encryption in .NET, asked if he could write a review of {smartassembly} for Simple-Talk. Because we like the product too… >>> More
{smartassembly} software for code obfuscation

as seen on Simple Talk - Search for 'Simple Talk'
{smartassembly} is a tool for ensuring that the source code your commercial .NET application isn't visible to anyone with .NET Reflector. Matteo, who writes for us about encryption in .NET, asked if he could write a review of {smartassembly} for Simple-Talk. Because we like the product too, and Red… >>> More