1. The Sixth Ruble, the Last Roadmap to Currency Dismantling
  2. Financial Algorithms in C++
  3. First Evidence of Quantum Entanglement in Photosynthesis
  4. An Application of Ramsey’s Theorem to Proving Program Terminate
  5. A Mathematical Approach to Order Book Modelling
  6. Biclique Cryptanalysis of the Full AES
 
  1. Optimizal Equity Monetization
  2. The Litigation of Financial Innovations
  3. What Does Individual Option Volatility Smirk Tell Us About Future Equity Returns?
  4. Human-Agent Auction Interactions: Adaptive-Aggressive Agents Dominate
  5. 10 Award-Winning Scientific Simulation Videos
 

I’ve got way too many emails from this blog, but one has found my attention: a reader has emailed me asking for advice on Android Native Code obfuscation, in the same line of previous posts. It’s pretty clear that ProGuard it’s an excellent solution for the main language of the Android platform, Java, but there is no clear alternative for native development in C/C++ with ARM binaries.

The best way to frame this question is to start defining what would be the preferred tools to decompile/disassemble the binary code by Mallory, our evil cracker. Many tools have existed over the years to decompile C code (REC, DCC), Hex-Rays being the latest and most powerful one ever, so it would be the first in her tool chest. Fixed the chosen scalpel, the most effective countermeasure against that, and any decompiler, is self-modifying/metamorphic code, since it breaks their over-reliance on static binary analysis. But the downside of it being that it’s very difficult to create good, reliable self-modifying/metamorphic code, especially in these times in which almost everyone abhors assembly programming, so protecting most parts of the binary and decrypting them at program load time it’s a realistic substitute, much like UPX does (but no, it’s no protection at all).

Most people would recommend following the conventional route of code obfuscation (Mangle-It, Stunnix C/C++ Obfuscator, COBF, Thicket), but there also are some very creative approaches, vg: use the LLVM compiler infrastructure with the C back-end to produce an intermediate C representation, to be recompiled with gcc; or my favorite one, try to use a virtual machine like Oreans or Python for the most critical parts of the program.

For the sake of completeness, there has also been some very interesting papers on cryptographically-aided obfuscation, my favourite being the following one:

GDE Error: Error retrieving file - if necessary turn off error checking (404:Not Found)

And remember, enabling full compiler optimizations will always help!

 
  1. Can Homomorphic Encryption be Practical?
  2. Homomorphic Encryption and Lattices
  3. Microsoft Research’s practical showcase of their best programming language research
  4. Advanced Crypto Software Collection & RELIC: Efficient LIbrary for Cryptography
  5. Infinite loops, nevermore!
 

Much like Keynes’ The General Theory Of Employment Interest And Money (1936) sketched the general picture of macroeconomics, leaving the hard-work of figuring the concrete equations and their variable estimation to the then nascent field of macroeconomics, Christensen’s The Innovator’s Dilemma derived an acclaimed general theory of innovation through real-world examples, initiating a very fertile ground for modelling and quantification. And the following paper is the first to tackle the problem of creating a fully detailed innovation model around the canonical case of incumbent’s delay.

GDE Error: Error retrieving file - if necessary turn off error checking (404:Not Found)

The most interesting part is the measurement of four different forces that determine the incumbent-entrant timing gap in technology adoption, next in their actual order of importance: the very significant option value of waiting; a smaller cannibalization’s effect; and trivial sunk-cost advantages over entrants and preemption motives for this issue, but strong determinants of innovation and evolution.

And what’s more important, the absolute relevance of this very same case and models to the modern evolution of drives towards SSD and hybrid technologies.

 
Set your Twitter account name in your settings to use the TwitterBar Section.