P-156: Update 18: Obfuscation/Copyright Protection
by PhoenixGames on Apr.13, 2015, under Software and Games, Software Engines
There are software programs out there called “Decompilers” which are designed to reverse engineer an executable and produce, ideally, the original source code in it’s entirety. There are also programs which are designed to search for string literals in an exe, and extract them. These programs are quite common, and can be surprisingly effective at producing working source code from an executable.
Since my current project, unlike previous ones, requires some confidentiality, I found myself facing this problem for the first time.
There are various methods which can be used to obfuscate an .exe, including downloadable programs.
These programs basically randomise all function and variable names, for example, “readdatafromfile()” could become “afjsk()”. This obviously makes it very difficult to figure out how a program works.
I have also come up with my own strategy for obscuring the strings within my program. It is no doubt not fool proof, but it should be easily enough to prevent a casual, or even a relatively concerted, attempt to reverse engineer or decompile the program.
Some of the obfuscation program I have been looking at (for C++) are Mangle-It, Morpher, CShroud, COBF and Stunnix.
There are some that would argue that with a non-interpreted language like C++, obfuscation is unnecessary. This is because the code compiles to machine code, which is essentially obfuscated, even if not by design. This is unlike interpreted languages like Java, which are, according to what I have read, much easier to decompile since they don’t compile to machine code, but to “bytecode”, which is a higher level language.
Despite this, however, I believe that using an obfuscator, or at the very least bearing code security and obfuscation in mind when writing code, must provide some additional protection from casual theft. Clearly, “security through obscurity” in this way is not enough to prevent theft, but depending on the circumstances, it could be a useful protection mechanism.
