Forum > General

Some observations on the use of RTTI

<< < (14/14)

MarkMLl:

--- Quote from: marcov on October 24, 2024, 01:33:47 pm ---We use a commercial dongle with encrypted binary for the same reasons. In addition that also matches the number of licenses to the used number of software. This because for some of our products, the components to build it are readily available to anyone, and the software is our main added value.

--- End quote ---

I once knew somebody- a fine, upstanding member of the community and a lay preacher- who spent a year of lunchtimes singlestepping into a CAD package until he found the opcode that decided whether the dongle was plugged in and could patch it. And he professed to not know x86 assembler, just how to single-step...

Irrespective of whether one can monitor USB and decrypt challenge/response sequences, and irrespective of whether one can get physical access to a TPM and read it with an RPi Pico, there's always weak points that can be attacked by a determined intruder and the more recognisable patterns he can see the easier his job is.

MarkMLl

PascalDragon:

--- Quote from: Joanna from IRC on October 23, 2024, 02:01:24 am ---Even if rtti information is exposed, Is there any style of writing code that makes it more difficult to reverse engineer maybe?

--- End quote ---

Not really.

Sieben:
I for my part would like everything to be open source. Of course that has a whole lot of impications but I won't reject them.

Joanna from IRC:
Opensource is definitely altruistic from the standpoint of promoting fpc, however not everyone is happy with the possibility of their code being used by for profit enterprises without even giving them credit.

Navigation

[0] Message Index

[*] Previous page

Go to full version