Beruflich Dokumente
Kultur Dokumente
Reversing Compilation
Written By,
Tushar B Kute,
Lecturer in Information Technology
(K. K. Wagh Polytechnic, Nashik – 3, Maharashtra, INDIA)
Email – tbkute@gmail.com
As every coin has two sides, Decompiler also can be used positively or
negatively. License agreements don’t offer any real protection from a programmer
that wants to decompile your code. So to avoid misuse of this concept, we need the
ways to avoid misuse of Decompiler. That is, need of protection if decompiler is
misused.
Use of Obfuscator:
Some companies are finding that if source code is so readily accessible then
why not just sell it at a higher price. JClass is available from the KL Group as both
class file and source code. The difference in price is so small that it just doesn’t
make any sense to decompile, given the time and energy that is sometimes required.
We’ve already talked about the possibility of giving away our code at a higher price.
If the price is not too high we could convince the decompiler to pay for the code as
programmer’s comments are usually very informative. This won’t be for everyone but
why not make some money on the fact that some people will decompile our code to
copy it, so why not try to gain some revenue on these otherwise illegal activities.
License agreement
License agreements don’t offer any real protection from a programmer that
wants to decompile our code.
Code Fingerprinting
IPR protection schemes are one of the areas where real strides are likely to
be made in class-file protection. The logic behind IPR protection schemes with
respect to Java is that if we can’t get at the class-file then we cannot possibly
decompile it and to do that we need a secure browser cache.
Already secure browsers that don’t dump class-files, HTML or images to the
Internet Explorer or Netscape Navigator cache are on the market. Breaker
Technologies have a secure browser and IBM’s CryptoLive claims to have one and
no doubt there are others. For the moment this technology is in it’s infancy but
expect it to grow.
Intellectual Property Rights (IPR) protection schemes such as IBM’s
Cryptolope Live or InterTrust’s DigiBox and Breaker Technologies’ SoftSEAL are
normally used to sell HTML documents or audio files on some pay-per-view basis or
pay-per-group scheme. However as they typically have built in trusted HTML viewers
they allow Java applets to be seen but not copied. Unfortunately IPR protection
schemes are not cheap. Worse still some of the clients are written in 100% pure
Java and can therefore be decompiled. Similar protection schemes in the future are
likely to provide the best chance of success in nailing the decompiler issue once and
for all.
Executables applications
The safest protection for applets is to hide all the interesting code on the web
server and only use the applet as a thin front end GUI. However this increases web
server load and goes against the Java methodology.
Best Defense
Drawbacks
• Functionality not user Friendly: Using Decompiler’s i.e. getting full use of
Functionality of Decompiler is not much user friendly, some times due to need
of technical background, lack of GUI.
• Presence of Larger Size of Source Code: It is harder to get source code back
from larger size of decompiled data. For e.g. Decompiling Office 97 using dcc
(A Decompiler) would create so much code that it is about as user friendly as
debug or a hexadecimal dump. Most modern commercial software’s source
code is so large that it becomes unintelligible without the design documents
and lots of source code comments. Let’s face it; many people’s C++ is hard
enough to read six months after they wrote it. So how easy would it be for
someone else to decipher C code that came from compiled C++ code without
any help even if the library calls aren’t traversed?
• No GUI for older ones: As older Decompiler’s where mainly used by
developers hence the lack GUI which is common for many softwares, hence
due to lack of GUI handling Decompiler becomes harder.
• Compiler Dependent: As Design of Decompiler depends on compiler for which
it is been developed. Hence change in compiler causes to write updated
Decompiler.
• Increasing Trend towards Stealing code: Habits of using Decompiler are
increasing trends towards stealing code other than for educational purpose.
• Giving Trusted Secrets to Competitors, Hackers: Using Decompiler the
competitors, hackers can get inside the product and can acquire Trusted
Secrets, which else was hard to known.
• Security holes Exposed: The security holes can be made public using
Decompilers in software developed.
Conclusion
• The future of decompilation and obfuscation techniques looks like being fairly
reminiscent of the Cold War. An arms race is brewing between the decompiler
developers and the obfuscator developers. Oddly enough these are often the
same companies trying to break a rival’s product and then sell there own
obfuscator as the only 100% secure solution.
• The Attitude towards Decompiler’s is needed to be changed, as there are
many positive uses of this concept, so more attention is needed to be given to
this concept.
References
----------------