
	Where results make sense

Topic: Obfuscating software

Related Topics

Trust (property)

Taiyuan University of Science and Technology

Battle of Soltis

Soviet Academy of Sciences

Isaac Brock (musician)

Operation Boleas

1756 in science

Oldbuck

24th March

Operation Cooney

Queen Marie of Romania

	Welcome to Wise Owl
		Normally, when you obfuscate an assembly, the obfuscator must not change the names of any types and members that are accessible from outside the assembly.
		In order to ship a new version of a single assembly that was obfuscated as a set, an obfuscator must insure that types and members in the new version receive the same obfuscated names as they had in the previous version.
		Second-generation obfuscators overload unrelated methods in a misguided attempt to increase the confusion factor of the code and in a valid attempt to reduce the number of symbols.
	www.wiseowl.com /products/DemeanorEnterprise.aspx (2599 words)

	OSD - 69 Phase I Selections from the 03.1 Solicitation
		Software binding techniques include cryptographically merging the hardware platform signatures with software computations so that the execution stream and results are valid only when the designated software is run on one specific machine.
		Obfuscation is the the most widely applicable protection technique for defeating reverse engineering because its protections operate even when an adversary knows the target operating system and processor, and has uncontrolled access to a static copy of the binary.
		This software tool suite would be highly marketable in the DoD through SPI as well as in the commercial arena to major software vendors, aerospace companies, and all organizations interested in protecting and maintaining control of their intellectual property.
	www.dodsbir.net /awardlist/abs031/osdabs031.htm (8754 words)

	Java.net - the Source for Java(tm) Technology Collaboration
		Obfuscation is often compared to encryption, which is unfortunate, since the goals of each are rather different.
		Obfuscation, on the other hand, is (usually) a lossy, one-way transformation of data (and in our context, data is primarily executable code).
		Obfuscation exists because encryption doesn't apply to the problem of protecting software code that will be executed.
	today.java.net /lpt/a/142 (2939 words)

	java.net: The New Obfuscation
		My slight hostility to obfuscation arises from the false sense of security that it inspires - obfuscated code is not "safe" from attack, and indeed "security through obscurity does not work" is pretty much the mantra of the responsible parts of the security industry.
		If one obfuscates their code, it may lose in theory some commonality to what is being optimized for but in reality this may or may not make a practical difference.
		If you are paranoid, you may first use an obfuscator to rename the identifiers and encrypt srtings, but make sure to leave the bytecode intact so that the native compiler optimize it to a better degree.
	today.java.net /pub/a/today/2004/10/22/obfuscation.html (4293 words)

	Junk Code Obfuscator
		Junk Code Obfuscator turns binary code into an undecipherable mess that is not similar to normal compiled code, and completely hides execution logic of the protected code.
		Obfuscator protect source code, so after obfuscating, the text source code is obfuscated and messed, but the final compiled binary code does not change, it's same as the original binary code.
		It is an excellent solution to protect software applications from reverse engineering, analysis, modifications, and cracking used in obfuscating software.
	www.textrush.com /junk-code-obfuscator.htm (480 words)

	STSC CrossTalk - A Survey of Anti-Tamper Technologies - Nov 2004 (Site not responding. Last check: 2007-09-17)
		Software downloaded onto a machine would be stored in encrypted form on the hard drive and would be decrypted and executed by the hardware, which would also encrypt and decrypt information it sends and receives from its random access memory.
		Obfuscation transformations are classified according to several criteria: how much obscurity they add to the program (potency), how difficult they are to break for a de-obfuscator (resilience), and how much computational overhead they add to the obfuscated application (cost).
		In [4], software complexity metrics are used to formalize the notion of transformation potency and resilience.
	www.stsc.hill.af.mil /crosstalk/2004/11/0411Atallah.html (4417 words)

	Obfuscated code - Wikipedia, the free encyclopedia
		Software obfuscation tools include specialized obfuscators to demonstrate a relatively limited technique, more general obfuscators which attempt a more thorough obfuscation, and combined-function tools which obfuscate code as part of a larger goal such as software licensing enforcement.
		Thus, obfuscators do not provide security of a level similar to modern encryption schemes, and should be used with other measures in tandem, in cases where security is of high importance.
		Obfuscating software (also known as obfuscators) is software designed to inhibit reverse engineering of software even when source code is available, by converting it to
	en.wikipedia.org /wiki/Obfuscating_software (2134 words)

	bramcohen: Obfuscating BitTorrent
		Obfuscating the protocol doesn't even claim to make it difficult to find out who's downloading a particular file.
		Backwards-compatible obfuscation (as opposed to incompatible obfuscation) is still a dubious idea, but at least it isn't a harmful idea.
		In the software model, if someone gets on a torrent, finishes downloading, and then leaves before another person on the same network joins it, the new peer would have to download the entire torrent from outside the network.
	bramcohen.livejournal.com /29886.html (4463 words)

	Software security principles: Part 5 (Site not responding. Last check: 2007-09-17)
		For years, there was an escalation in the number of techniques being used; vendors would try harder to keep people from finding the secrets to "unlocking" software, and the software crackers would try harder to break the software.
		The practice of trusting a binary (or any other form of obfuscation, for that matter) to keep secrets for you is affectionately termed "security by obscurity" (see Resources).
		In a previous developerWorks article, "Make your software behave: Assuring your software is secure," Gary and John lay out their five-step process for designing for security.
	www-128.ibm.com /developerworks/library/s-princ5.html (2494 words)

	toxicsoftware.com » AquaticPrime Warning
		This is the home of Toxic Software, makers of software for Mac OS X. About Me My name is Jonathan Wight and I am the sole person behind Toxic Software.
		The software can then use its public key to verify that the license key was signed by the public key.
		Someone trying to steal a copy of the software would be unable to forge their own license files because the public key works with one and only one private key.
	toxicsoftware.com /blog/aquaticprime-warning (2816 words)

	How to lock down your Java code (or open up someone else's) (Site not responding. Last check: 2007-09-17)
		A Java obfuscator changes a program in subtle ways, such that it behaves identically as far as the JVM is concerned, but is more confusing to the human trying to understand it.
		An obfuscator such as jmangle changes many of the variable and method names (and sometimes even class and package names) into meaningless strings.
		Not only have decompilation and obfuscation techniques become more intricate over the past five years, but the interfaces to them are becoming increasingly slick.
	www-106.ibm.com /developerworks/java/library/j-obfus (3040 words)

	Noah Campbell » Blog Archive » bramcohen: Obfuscating BitTorrent
		Fourth, when it comes to dealing with ISPs, obfuscation is some combination of hostile, unprofessional, and harmful.
		Software projects which value quality over featuritis generally steer clear of such things, especially when their potential effectiveness level is the equivalent of spitting in one’s face than actual utility.
		This entry was posted on Friday, September 1st, 2006 at 5:01 pm and is filed under security, software, engineering.
	www.noahcampbell.info /2006/09/01/bramcohen-obfuscating-bittorrent (228 words)

	Obfuscator Skater .NET Obfuscator ilasm ildasm decompile obfuscate
		Over the years, several software protection techniques have been developed, code obfuscation is one of them and it is very promising.
		The chief functions of any software protection technique can be determined as detection of pirate attempts to decipher or tamper software, protection against such attempts and alteration of software to ensure that it functionality degrades in an undetectable manner if the protection fails.
		Moreover, since only Control Flows are obfuscated with a sequence of transformations that produce equivalent results of the original fragments, the final output can still preserve the same execution results as the original codes.
	rustemsoft.com /obfuscator.htm (1481 words)

	A Taxonomy of Obfuscating Transformations - Collberg, Thomborson, Low (ResearchIndex) (Site not responding. Last check: 2007-09-17)
		Abstract: It has become more and more common to distribute software in forms that retain most or all of the information present in the original source code.
		We will argue that automatic code obfuscation is currently the most viable method for preventing reverse engineering....
		Static Disassembly of Obfuscated Binaries - Kruegel, Robertson, Valeur, Vigna (2004)
	citeseer.ist.psu.edu /collberg97taxonomy.html (706 words)

	Coding Horror: Obfuscating Code (Site not responding. Last check: 2007-09-17)
		Obfuscation used to mean padding the code with extra variables and gibberish -- that is until a company in Cleveland, Ohio, called Preemptive Solutions Inc. came out with a bytecode optimizer for Java.
		Called DashO, this software was intended to make Java programs load and run faster by removing all code that wasn’t necessary, which is to say de-obfuscating and making perfectly clear what had been so carefully muddied before.
		One alternate solution is to write code in languages that are already obfuscated, as demonstrated in the International Obfuscated* C Code Contest.
	www.codinghorror.com /blog/archives/000291.html (1097 words)

	Cryptology ePrint Archive (Site not responding. Last check: 2007-09-17)
		Informally, an {\em obfuscator} $O$ is an (efficient, probabilistic) ``compiler'' that takes as input a program (or circuit) $P$ and produces a new program $O(P)$ that has the same functionality as $P$ yet is ``unintelligible'' in some sense.
		Most of these applications are based on an interpretation of the ``unintelligibility'' condition in obfuscation as meaning that $O(P)$ is a ``virtual fl box,'' in the sense that anything one can efficiently compute given $O(P)$, one could also efficiently compute given oracle access to $P$.
		We extend our impossibility result in a number of ways, including even obfuscators that (a) are not necessarily computable in polynomial time, (b) only {\em approximately} preserve the functionality, and (c) only need to work for very restricted models of computation ($TC_0$).
	eprint.iacr.org /2001/069 (252 words)

	Encoding/Obfuscating PHP Code \| alexking.org (Site not responding. Last check: 2007-09-17)
		I’ve been told by a number of people that I should encode or obfuscate the source code for Tasks Pro™.
		I have read of some other obfuscators for JAVA, where the application keeps a list of function names and variable names on the master encoder’s machine to be able to decode error messages with ease - a great idea, and not sure if any PHP Ob’s do this or not.
		A cross-reference is produced so that an obfuscated name can be easily mapped back to the original one.
	alexking.org /blog/2004/02/07/encodingobfuscating-php-code (1224 words)

	Chapter 3: Obfuscating classes
		Obfuscation is the process of transforming bytecode to a less human-readable form with the purpose of complicating reverse engineering.
		Obfuscation is one of the best ways to protect the intellectual property of Java bytecode.
		Obfuscators perform some or all of the following transformations: stripping out debug information, name mangling, encoding strings, changing control flow, inserting corrupt code, eliminating unused code, and optimizing bytecode.
	searchnetworking.techtarget.com /tip/1,289483,sid4_gci996601,00.html (383 words)

	On the (Im)possibility of Obfuscating Programs (Site not responding. Last check: 2007-09-17)
		Informally, an obfuscator O is an (efficient, probabilistic) ``compiler'' that takes as input a program (or circuit) P and produces a new program O(P) that has the same functionality as P yet is ``unreadable'' in some sense.
		Obfuscators, if they exist, would have a wide variety of cryptographic and complexity-theoretic applications, ranging from software protection to homomorphic encryption to complexity-theoretic analogues of Rice's theorem.
		We extend our impossibility result in a number of ways, including even obfuscators that (a) are not necessarily computable in polynomial time, (b) only approximately preserve the functionality, and (c) only need to work for very restricted models of computation TC0).
	www.wisdom.weizmann.ac.il /~oded/p_obfuscate.html (220 words)

	O'Reilly Network -- Protect Your Source Code: Obfuscation 101
		If all goes well, a preview of the obfuscated source code opens up that is quite a bit harder to understand.
		Since obfuscating is not adding any more anti-piracy value to your product than you're already getting by byte-compiling any amount of time you put into it is a waste of your employer's money.
		If you obfuscate the code by hand, woe be unto the next person who has to maintain that code.
	www.oreillynet.com /pub/a/mac/2005/04/08/code.html?page=last (3319 words)

	Covert Java: Obfuscating Classes > Protecting the Ideas Behind Your Code (Site not responding. Last check: 2007-09-17)
		This is certainly recommended for inventions and major discoveries that required a lot of investment into research and development.
		Copyrighting software is a rather easy and cost-effective process, but it protects only the "original" code of the application, not the ideas behind it.
		Others would not be able to take copyrighted code and use it in their applications without the author's permission, but if they have their own implementation of the same feature, it would not be considered a violation to use that.
	www.informit.com /articles/article.asp?p=174368 (579 words)

	ServerMask Security Solutions FAQ :: Port80 Software
		Revealing the specific software version of the server might allow the server machine to become more vulnerable to attacks against software that is known to contain security holes.
		The concept is to use obfuscation and misdirection to dissuade or delay a hacker so they can be identified and dealt with by your intrusion detection and firewall systems.
		ServerMask for IIS was the first product that Port80 Software released in 2002, and this software tool is used by governments, financial and banking organizations, and companies of all sizes to enhance their Web server security with server anonymization.
	www.port80software.com /products/servermask/faq.asp (5257 words)

	Quick Reference For Choosing a Free Software License (Site not responding. Last check: 2007-09-17)
		My goal in writing this document is to provide information for people who are choosing a free software license for their own projects.
		According to these messages from the license-discuss mailing list: [1, 2, 3, 4, 5], it is not possible to voluntarily place your software into the public domain under United States law.
		The most common misunderstanding about software licenses is that giving someone else a copy of your source code under a license restricts what you are allowed to do with your source code.
	zooko.com /license_quick_ref.html (1618 words)

	Obfuscator .NET for Visual Studio .NET Obfuscator .NET ilasm Obfuscator .NET Obfuscator ildasm .NET Obfuscator .NET ...
		In an effort to render harmless the threat from illegal reverse engineering, software professionals developed techniques to hide (obfuscate).NET code before it was shipped to end-users.
		Code obfuscation is a form of software protection against unauthorized reverse-engineering.
		Skater.NET obfuscator performs the deciphering protection by various means that mainly concentrate on making the assembly members names meaningless, encrypting string values, and including tricking code commands that render disassembled code not recompilable.
	rustemsoft.com /Obfuscation.htm (932 words)

	Software Security
		Software reverse engineering is the art of revealing the secrets behind a software.
		It is illegal (and immoral in my view) to reverse engineer software for commercial purposes, but it is legal to reverse engineer for educational purposes.
		Code obfuscation is a technique for protecting programs from being reverse engineered.
	www.cs.technion.ac.il /~itaish/software_security.htm (373 words)

	Zend Guard 4.0 – Mac OS X – VersionTracker
		Software vendors are increasingly writing applications in PHP with the aim of distributing them via download or CD.
		Zend Guard, likes its predecessor Zend Encoder, allows Independent Software Vendors (ISVs) and IT managers to safely and confidently distribute and manage the deployment of their PHP applications while protecting their source code.
		Zend Guard 4 is the only product that obfuscates object oriented programs created with PHP 4 and PHP 5.
	www.versiontracker.com /dyn/moreinfo/macosx/25039 (328 words)

	Software Security
		Applied cryptography is an important weapon in the software security arsensal, however, it is insufficient for security.
		Approaching Security by building Secure Software from the beginning as proposed by the author is likely to prove unsuccessful.
		New techniques are needed to separate software security concerns from software functional concerns and to apply both to the cross-cutting requirements of each.
	www.ecs.csun.edu /~btimmer/COMP595SEC/SoftwareSecurity06.htm (692 words)

	Software Labourers
		Often, you find there's actually a software engineering god (or at least acolyte) hidden away somewhere - after all, someone's got to produce the "simple" interface to SQL for all the labourers to use.
		It's amazing how many people I've met who are now "software engineers" (and therefore seem to rank alongside me in the company's views) who a year ago were an accountant, a history graduate, studying for but not passing their A-levels, a furnature maker, an English teacher.
		Speaking as a software engineer who's made a great deal of investment in the career, I find it rather insulting that that person thinks it takes 3 years of degree plus a year of teacher training to become a teacher, but only a three week course on Java to become a software engineer...
	c2.com /cgi/wiki?SoftwareLabourers (1828 words)

Try your search on: Qwika (all wikis)