
Author Topic: Some observations on the use of RTTI  (Read 4053 times)

dbannon

  • Hero Member
  • *****
  • Posts: 3156
    • tomboy-ng, a rewrite of the classic Tomboy
Re: Some observations on the use of RTTI
« Reply #60 on: October 23, 2024, 02:17:03 am »
You know how Lazarus compiles resources right? All images, icons and co are encoded as strings which are decoded at runtime.

Strings just gives you everything that looks like a string within a file. So it's not all Symbols. It's all the graphics, configurations and all the other resources.

Indeed. So, still looking at my binary (Lazarus is too big and I'm more likely to recognize my text). By telling 'strings' to only show strings of 10 or more characters, I end up with almost as much text content and considerably fewer random characters that are clearly part of a binary object of some sort.

I believe I could read to you at least two thirds of the resulting 1.6Meg, 23K line file.  I doubt either you or I wish that ....

My point was that there is already a lot of readable text in the binary. Adding RTTI would not increase it by that much.

I also looked for similar sized apps on my system, like the Crusader's Wife, to make a comparison. Generally, with a very approximate "like for like", there seems to be a lot more text in a Lazarus app than in the C or C++ ones.  But, importantly, I'm not opening the "gee, Pascal makes big binaries" argument ! Please !

Davo
Lazarus 3, Linux (and reluctantly Win10/11, OSX Monterey)
My Project - https://github.com/tomboy-notes/tomboy-ng and my github - https://github.com/davidbannon

MarkMLl

  • Hero Member
  • *****
  • Posts: 7999
Re: Some observations on the use of RTTI
« Reply #61 on: October 23, 2024, 09:40:15 am »
But assertions have nothing to do with rtti. Also like any messages like error messages or exception names and stuff like that will be visible in the binary.

Yes, I know. My only point is that they're contributing to the amount of text picked up if one uses a simple evaluation based on the unix strings command: apart from that I'm not judging.

MarkMLl
MT+86 & Turbo Pascal v1 on CCP/M-86, multitasking with LAN & graphics in 128Kb.
Logitech, TopSpeed & FTL Modula-2 on bare metal (Z80, '286 protected mode).
Pet hate: people who boast about the size and sophistication of their computer.
GitHub repositories: https://github.com/MarkMLl?tab=repositories

MarkMLl

  • Hero Member
  • *****
  • Posts: 7999
Re: Some observations on the use of RTTI
« Reply #62 on: October 23, 2024, 09:44:06 am »
Even if rtti information is exposed, is there any style of writing code that makes it more difficult to reverse engineer maybe?

As Sven suggests, obfuscating assertions and other user-facing text would certainly be a good start. However I'm a bit concerned that this would have to be retrofitted to the RTL/FCL/LCL.

I wonder whether i18n would help, i.e. a dummy "obfeng" locale for obfuscated English?

MarkMLl

MarkMLl

  • Hero Member
  • *****
  • Posts: 7999
Re: Some observations on the use of RTTI
« Reply #63 on: October 24, 2024, 11:53:58 am »
I think https://hackaday.com/2024/07/04/smartwatch-snitches-on-itself-and-enables-reverse-engineering/ is a nice little illustration of what a "hat wearer"- hostile or otherwise- can do relatively easily these days.

Quote
...He couldn’t find the IP as a string in the firmware, but he did manage to find a sprintf-like format string for IP addresses, which led him to a likely memory location. Sure enough, the IP and port were right there, so he wrote a script to change the address to a server he had the keys for...

If that format string had been even minimally obfuscated, he wouldn't have spotted it. The same applies to RTTI etc.

MarkMLl

marcov

  • Administrator
  • Hero Member
  • *
  • Posts: 11930
  • FPC developer.
Re: Some observations on the use of RTTI
« Reply #64 on: October 24, 2024, 01:33:47 pm »
Indeed. Which is why at work (with C++) we obfuscate strings at compile time for code that's critical to our copy protection system (and only that), plus using a small virtual machine with proof of work concepts to protect it even further and tamper detection mechanisms that separate detection and action. The main point of all this is not necessarily to prevent adversaries cracking the software at all, but to be annoying enough that it's so low on their priority list that we can release a new version with new features (and adjusted piracy protection) before they're able to crack the released software. (Though to be fair our software is essentially based on a user space virtual machine, so we have a bit more freedom with protecting things than singular binaries have)

We use a commercial dongle with encrypted binary for the same reasons. In addition, that also matches the number of licenses to the number of copies of the software in use. This is because for some of our products, the components to build it are readily available to anyone, and the software is our main added value.
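An added example, not code from this thread, from FPC/Lazarus, or from marcov's employer, written in C++ because that is where marcov describes obfuscating strings at compile time. It puts two points of the discussion side by side: dbannon's measurement of how the number of readable strings in a binary falls as the minimum length passed to `strings` rises, and the claim (MarkMLl on the Hackaday format string, marcov on compile-time obfuscation) that a scrambled literal is not picked up by such a scan. The obfuscation is a plain constexpr XOR wrapper, one common approach assumed here rather than marcov's actual scheme; `ObfString`, `extract_strings`, `build_sample_image` and `kIpFormat` are names chosen for this example, and the "binary image" is a constructed byte array, not a real ELF file. Compile with `-std=c++17` or later.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <iostream>
#include <string>
#include <vector>

// Minimal re-implementation of `strings -n <min_len>`: collect runs of printable
// ASCII (0x20..0x7e) that are at least min_len bytes long.
std::vector<std::string> extract_strings(const std::vector<uint8_t>& image, size_t min_len) {
    std::vector<std::string> found;
    std::string run;
    auto flush = [&]() {
        if (run.size() >= min_len) found.push_back(run);
        run.clear();
    };
    for (uint8_t b : image) {
        if (b >= 0x20 && b <= 0x7e) run.push_back(static_cast<char>(b));
        else flush();
    }
    flush();
    return found;
}

// Compile-time XOR obfuscation (one common approach, assumed here; not marcov's scheme).
// The constexpr constructor runs during compilation, so only the scrambled bytes are
// emitted into the object file; decode() rebuilds the cleartext at run time.
template <size_t N>
struct ObfString {
    std::array<char, N> data{};
    uint8_t key;
    constexpr ObfString(const char (&literal)[N], uint8_t k) : key(k) {
        for (size_t i = 0; i < N; ++i)
            data[i] = static_cast<char>(literal[i] ^ static_cast<char>(key + i));
    }
    std::string decode() const {
        std::string clear;
        for (size_t i = 0; i + 1 < N; ++i)  // stop before the obfuscated NUL
            clear.push_back(static_cast<char>(data[i] ^ static_cast<char>(key + i)));
        return clear;
    }
};

// A sprintf-style IP:port format string is the kind of literal the Hackaday article
// mentions. Key 0xA5 is chosen so that, for literals shorter than 0x5B bytes, every
// scrambled byte has its high bit set and therefore no printable run survives.
constexpr ObfString<15> kIpFormat("%d.%d.%d.%d:%d", 0xA5);
static_assert(kIpFormat.data[0] != '%', "literal must not survive in clear");

// Constructed stand-in for a compiled binary: header-like bytes, two short printable
// runs, the format string in clear, a short run, then the obfuscated copy of it.
std::vector<uint8_t> build_sample_image() {
    std::vector<uint8_t> img = {0x7f, 'E', 'L', 'F', 0x02, 0x01, 0x01, 0x00, 'a', 'b', 0x00, 0xff};
    const char* clear = "%d.%d.%d.%d:%d";
    img.insert(img.end(), clear, clear + std::strlen(clear));
    img.push_back(0x00);
    img.insert(img.end(), {0x90, 0xcc, 'O', 'K', 0x00});
    for (char c : kIpFormat.data) img.push_back(static_cast<uint8_t>(c));
    img.insert(img.end(), {0x00, 0xc3});
    return img;
}

// How many strings `strings -n min_len` would report for the sample image.
size_t count_strings(size_t min_len) {
    return extract_strings(build_sample_image(), min_len).size();
}

// Does the cleartext copy of the format string show up at this threshold?
bool cleartext_visible(size_t min_len) {
    for (const auto& s : extract_strings(build_sample_image(), min_len))
        if (s == "%d.%d.%d.%d:%d") return true;
    return false;
}

// Scan only the obfuscated bytes: nothing printable should come out at any threshold.
bool obfuscated_leaks_text(size_t min_len) {
    std::vector<uint8_t> bytes(kIpFormat.data.begin(), kIpFormat.data.end());
    return !extract_strings(bytes, min_len).empty();
}

int main() {
    for (size_t n : {1, 4, 10})
        std::cout << "min length " << n << ": " << count_strings(n) << " strings\n";
    std::cout << "cleartext found at -n 10: " << cleartext_visible(10) << "\n";
    std::cout << "obfuscated copy yields text: " << obfuscated_leaks_text(1) << "\n";
    std::cout << "decoded at run time: " << kIpFormat.decode() << "\n";
    return 0;
}
```

The same caveat marcov makes applies: once `decode()` has run, the cleartext sits in process memory and a debugger or memory dump finds it, so this raises the effort and removes the easy `strings` hit rather than preventing analysis. The static_assert is the cheap build-time check that the literal really did not survive in clear.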

MarkMLl

  • Hero Member
  • *****
  • Posts: 7999
Re: Some observations on the use of RTTI
« Reply #65 on: October 24, 2024, 02:13:57 pm »
We use a commercial dongle with encrypted binary for the same reasons. In addition, that also matches the number of licenses to the number of copies of the software in use. This is because for some of our products, the components to build it are readily available to anyone, and the software is our main added value.

I once knew somebody- a fine, upstanding member of the community and a lay preacher- who spent a year of lunchtimes single-stepping into a CAD package until he found the opcode that decided whether the dongle was plugged in and could patch it. And he professed to not know x86 assembler, just how to single-step...

Irrespective of whether one can monitor USB and decrypt challenge/response sequences, and irrespective of whether one can get physical access to a TPM and read it with an RPi Pico, there are always weak points that can be attacked by a determined intruder, and the more recognisable patterns he can see, the easier his job is.

MarkMLl

PascalDragon

  • Hero Member
  • *****
  • Posts: 5750
  • Compiler Developer
Re: Some observations on the use of RTTI
« Reply #66 on: October 24, 2024, 10:22:23 pm »
Even if rtti information is exposed, is there any style of writing code that makes it more difficult to reverse engineer maybe?

Not really.

Sieben

  • Sr. Member
  • ****
  • Posts: 363
Re: Some observations on the use of RTTI
« Reply #67 on: October 24, 2024, 11:56:56 pm »
I for my part would like everything to be open source. Of course that has a whole lot of implications but I won't reject them.
Lazarus 2.2.0, FPC 3.2.2, .deb install on Ubuntu Xenial 32 / Gtk2 / Unity7

Joanna from IRC

  • Hero Member
  • *****
  • Posts: 1198
Re: Some observations on the use of RTTI
« Reply #68 on: October 25, 2024, 01:39:19 am »
Open source is definitely altruistic from the standpoint of promoting fpc, however not everyone is happy with the possibility of their code being used by for-profit enterprises without even giving them credit.
✨ 🙋🏻‍♀️ More Pascal enthusiasts are needed on IRC .. https://libera.chat/guides/ IRC.LIBERA.CHAT  Ports [6667 plaintext ] or [6697 secure] channel #fpc  #pascal Please private Message me if you have any questions or need assistance. 💁🏻‍♀️
