Local Links

External Links

Contact

Search this site

Arbed - Obfuscation features


Obfuscation is used in a program to hide information about its inner workings. Its purpose is to keep lurkers and hackers from figuring out what the program does, preventing them to modify (crack) your program or to simply extract information from it.

There are two types of obfuscation that Arbed can perform on your projects:

  1. String obfuscation. That means that the texts appearing in your code won't appear in clear in the built executable. This prevents lurkers from using a file (hex) editor to see your app's SQL statements, serial codes and similar private data.
  2. Method name mangling. This modifies the names of your functions so that one cannot tell what its subroutines do by looking at their usually descriptive names.

String obfuscation

(Available in Arbed 1.6 and later)

This operation rewrites your code so that strings do not appear in clear from in your built program any more. Instead, it stores encoded (encrypted) versions of strings in the code, and adds code that decodes the strings at runtime.

So, instead of seeing clear text strings such as "enter your serial number here", an attacker will see nothing but garbled data that he can't decypher by simply looking at it. To make sense and decode these strings, the hacker would have to find and understand the machine code that uses and decrypts these strings. While that is not impossible to accomplish, it requires a lot more expertise and time investment than what it takes to use a hex editor to look over the executable file to find out what the program seems to do. Remember: The key to preventing hacks is not to make it 100% safe (this can't be done) but to make it so hard that the attacker is likely to give up. (See also my article on foiling attempts at cracking.)

Details for performing String Obfuscation with Arbed are on this separate page

Method name mangling

Not available yet.


Page last modified on 2012-11-16, 06:21 EST
Powered by PmWiki