What reliable systems of protection against hacking protection programs exist? In particular, from reverse engineering?

I heard vaguely about protection on the basis of code execution in self-written virtual machines.

Who knows what about this?

Closed due to the fact that the question is too common for the participants pavel , AK , Grundy , Vadim Ovchinnikov , Kromster Jan 16 '17 at 18:11 .

Please correct the question so that it describes the specific problem with sufficient detail to determine the appropriate answer. Do not ask a few questions at once. See “How to ask a good question?” For clarification. If the question can be reformulated according to the rules set out in the certificate , edit it .

  • 2
    If something can be launched, it is something that can be hacked. - igumnov
  • one
    What is meant by protection? Protection of what? From copying, protection of the algorithm, password, access or what? More precisely please - Barmaley

5 answers 5

100% reliable systems from hacking no. Another question is that maybe it makes sense to make the software system pointless to hack.

There are many tricks designed to protect the program from hacking:

  • packer programs. They pack an executable file, and sometimes in very bizarre ways.
  • protectors. They often pack the executable program code + in every way rework it: change the import tables and the location of the modules of the executable file, add calls to the left code, encrypt the code, use self-modifying code , etc.
  • obfuscator programs. They add extra code, rename variables and functions (in the case, for example, of the .net platform, where intermediate byte code is distributed, and not executable files for a specific machine)
  • anti-debugging tricks. Examples: 1 , 2
  • write your virtual machine (and not give anyone the specifications :-)) and write a program for it.

You can use any bindings to the PC hardware.

Ultimately, the cost of protection should not exceed the value of the protected =)

    Open source If everything is open, then who will hack? Make love not war.

    This is a joke, of course. There is the same situation as with the iron door. All these encryption, obfuscators and so on. - Protection against punks. Serious experts will not stop it. Slow down, of course, their actions, but still hacked.

      License agreement + lawyers.

      Do not bother with any obfuscators. Who needs it - he will restore the obfuscated code. and samopisny virtualku breaks.

      Write quality software, for which people will want to pay.

      • Put a plus exclude the first sentence. - istem 10:08
      • and what you are not satisfied with the license agreement?) In the case of its violation, you can grab the perpetrator of the perineum. Lawyer) - nolka
      • I believe that only someone who does not use pirated products (anyone) has the right to catch someone for the crotch. Do you have all the programs, music, videos, etc. licensed? - skegg
      • @mikillskegg, if I, as a developer, had the opportunity to sell my software (without the staff of lawyers and the Security Council with batons), I would absolutely have everything licensed. And I would also make free and (AND, not XOR) quality software in my spare time. And it saddens me that it is not. And yes, I realize that being in a closed circle is a good explanation, but a bad excuse. - Sh4dow
      • @mikillskegg from me - yes) I’m a linuxid) From paid software I use trial versions. If you like the software, and from him there is a practical sense - I buy. - nolka

      A good option, but requiring a connection to the Internet from the user - shifting logic to the server.

      So breaking software is useless, because it is essentially a clean view (get, show, send a request). Keygens are useless - the code is checked on the server, debug, cracks - there too. For fun you can, of course, obfuscator and walk with all sorts of antidebagami, so that the blood from the eyes.

      But apply the method only if the first condition is not critical.

        Here is a list in no particular order: