Secure Coding mailing list archives
Managing the insider threat through code obfuscation
From: jose at monkey.org (Jose Nazario)
Date: Thu, 15 Dec 2005 09:26:06 -0500 (EST)
On Thu, 15 Dec 2005, Kenneth R. van Wyk wrote:
The article's premise is that, because attackers can find out a great deal about the internals of databases and such by decompiling bytecode (in Java and .NET), bytecode should be obfuscated to hide its internal details. The article points to several commercial bytecode obfuscation products: http://www.devdirect.com/ALL/OBFUSCATIORS_PCAT_2014.aspx
if the person can develop exploits against the holes in the code, what makes you think they can't fire up a runtime debugger and trace the code execution and discover the same things? the biggest threat internally isn't the one or two people per thousand who can and will do this, it's the much larger number of people who wont use exploit development techniques to access things they shouldn't. bytecode obfuscation does nothing to stop that. ________ jose nazario, ph.d. jose at monkey.org http://monkey.org/~jose/ http://infosecdaily.net/ http://www.wormblog.com/
Current thread:
- Managing the insider threat through code obfuscation Kenneth R. van Wyk (Dec 15)
- Managing the insider threat through code obfuscation Jose Nazario (Dec 15)
- Managing the insider threat through code obfuscation Kenneth R. van Wyk (Dec 15)
- Managing the insider threat through code obfuscation Dana Epp (Dec 15)
- Managing the insider threat through code obfuscation Kenneth R. van Wyk (Dec 15)
- Managing the insider threat through code obfuscation Matt Bishop (Dec 15)
- <Possible follow-ups>
- Managing the insider threat through code obfuscation Jeremy Epstein (Dec 15)
- Managing the insider threat through code obfuscation James Stibbards (Dec 15)
- Managing the insider threat through code obfuscation Jose Nazario (Dec 15)