obfuscation

**James Kanze** · May 30 '07, 12:55 PM

Re: obfuscation

On May 30, 10:45 am, Zeppe
<zep_p@.remove. all.this.long.c omment.yahoo.it wrote:

JohnQ wrote:

[...]

Anyway, under linux, the debug symbols are activated by -g, so if you
compile without it they shouldn't be included. And the the command

strip executable_name

will remove all the names of all the exported symbols, so there will be
no more readable information.

That's what I always thought, but a quick check (under Solaris)
shows that it just ain't true. The names are no longer visible
to nm (and the executable is noticeably smaller), but they still
show up using strings.

For windows I guess it's similar, look at
the "c++ options" and "code generation" options in visual studio for
example, there should be some "do no include debug information".

So, the question is: are function names and class names not visible in
non-debug code? (That is a/the concern of mine).

they are not, provided you tell the compiler that you don't need him to
preserve the function names. (well, not sure if you can delete also the
names of the function linked dynamically on shared libraries, though...
probably not).

Obvoiusly not, I'd say. Also, you can't delete the names of
types, at least not if type_info::name () is still going to work.

--
James Kanze (GABI Software) email:james.kan ze@gmail.com
Conseils en informatique orientée objet/
Beratung in objektorientier ter Datenverarbeitu ng
9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34

**Zeppe** · May 30 '07, 01:55 PM

Re: obfuscation

James Kanze wrote:

>will remove all the names of all the exported symbols, so there will be
>no more readable information.

>
That's what I always thought, but a quick check (under Solaris)
shows that it just ain't true. The names are no longer visible
to nm (and the executable is noticeably smaller), but they still
show up using strings.

uhm... compiled without -g and with _NDEBUG? I obtain quite clean code
under linux... maybe strip -s.

>they are not, provided you tell the compiler that you don't need him to
>preserve the function names. (well, not sure if you can delete also the
>names of the function linked dynamically on shared libraries, though...
>probably not).

>
Obvoiusly not, I'd say. Also, you can't delete the names of
types, at least not if type_info::name () is still going to work.

same with assertions... anyway, for the dynamic linking, just my
ignorance on the topic (I don't really know about how it works the name
resolution on a shared library, there will be some version information,
as well as the exported symbols..)

Regards,

Zeppe

anyway,

**Martin Rennix** · May 30 '07, 03:25 PM

Re: obfuscation

On May 30, 8:41 pm, James Kanze <james.ka...@gm ail.comwrote:

>
That's interesting. None of the compilers I use (Sun CC, g++
and VC++) have such a simplistic division. They all have a
fairly complicated list of options concerning optimization:
several levels of optimization, and the possibility to turn off
or on specific optimizations, regardless of the level.

Yes you are right, but in VC++ when you create a new project by
default there are 2 configs, a debug config with optimisations off and
a release config with optimise on. Of course you can change these
settings.

The real question, of course, is why you'd want to obfuscate to
begin with. The current trend seems to be in the other
direction---more and more companies are delivering the sources
with the product, or at least making them available. (Of
course, in many cases, the quality of the code is such that one
could consider the actual sources obfuscation.)

I agree, obfuscation is generally a waste of time. All code can be
reverse engineered given enough time. And plenty of people have a lot
of time. Look how quickly games are cracked, even after spending a
fortune on anti-piracy measures. What is it you need to hide?

**Gennaro Prota** · May 30 '07, 07:05 PM

Re: obfuscation

On 30 May 2007 05:41:08 -0700, James Kanze wrote:

But if it's optimization that was your primary thought: I
don't use any optimization compiler settings (I don't need to, and who does
these days?).

>

>Plenty of people. Most C++ compilers support a debug (non-optimised)
>and release (optimised) mode.

>
>That's interesting. None of the compilers I use (Sun CC, g++
>and VC++) have such a simplistic division. They all have a
>fairly complicated list of options concerning optimization:
>several levels of optimization, and the possibility to turn off
>or on specific optimizations, regardless of the level.

It's a common feature of IDE's, not compilers. In Visual C++, probably
the best known example, all projects created by the wizards have two
"configurations " which are named "debug" and "release" and more or
less reflect what they think should be enabled during development and
for shipping your product, respectively. Of course, neither of the two
is useful --as is-- in production.

But I'll concede that the C standard did somehow set a precedent, by
naming NDEBUG that way: if it just turns asserts off why not naming it
NOASRT, for instance? I think what IDE's currently do is basically
applying the same line of thought which led to the name "NDEBUG" to a
number of other things; and --needless to say-- they will define
NDEBUG as well in any "release" configuration. I've seen code using
asserts for unit testing in such "release" configurations (it's just
that of course one wouldn't see the invocations of assert directly,
being them hidden behind some project-specific XXX_TEST macro).

--
Gennaro Prota -- C++ Developer, For Hire

Page not found - SourceForge.net

https://sourceforge.net/projects/breeze/

Free, secure and fast downloads from the largest Open Source applications and software directory - SourceForge.net

(replace 'address' with 'name.surname' to mail)

**James Kanze** · May 31 '07, 08:55 AM

Re: obfuscation

On May 30, 5:18 pm, Martin Rennix <martin.ren...@ gmail.comwrote:

On May 30, 8:41 pm, James Kanze <james.ka...@gm ail.comwrote:

That's interesting. None of the compilers I use (Sun CC, g++
and VC++) have such a simplistic division. They all have a
fairly complicated list of options concerning optimization:
several levels of optimization, and the possibility to turn off
or on specific optimizations, regardless of the level.

Yes you are right, but in VC++ when you create a new project by
default there are 2 configs, a debug config with optimisations off and
a release config with optimise on. Of course you can change these
settings.

I think you're referring to the Visual Studios IDE, and not
VC++; I use VC++ from time to time, and I've not seen two
"default" configurations---VC++ is very much like g++ or Sun CC
in that it has hundreds of command line options, and in any real
production work, the defaults are absolutely worthless; you need
tens of options to get anything useful.

As for defaults in general: you really should carefully read the
documentation of the tools you are using, particularly critical
ones like the compiler, and decide explicitly which options are
relevant to your application. I've never found the defaults to
be appropriate, and it's usual that different applications need
a different set of options.

--
James Kanze (GABI Software) email:james.kan ze@gmail.com
Conseils en informatique orientée objet/
Beratung in objektorientier ter Datenverarbeitu ng
9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34

**James Kanze** · May 31 '07, 09:05 AM

Re: obfuscation

On May 30, 3:54 pm, Zeppe
<zep_p@.remove. all.this.long.c omment.yahoo.it wrote:

James Kanze wrote:

will remove all the names of all the exported symbols, so there will be
no more readable information.

That's what I always thought, but a quick check (under Solaris)
shows that it just ain't true. The names are no longer visible
to nm (and the executable is noticeably smaller), but they still
show up using strings.

uhm... compiled without -g and with _NDEBUG?

Well, I didn't try _NDEBUG, but I did compile and then strip,
and all of the (mangled) names were present in the output of
"strings".

I suspect that this is possibly because at no point during the
build cycle or strip was it explicitly stated that dynamic
linking wouldn't be used, so all of the operations retained the
symbols, just in case.

I obtain quite clean code
under linux... maybe strip -s.

Hmm. I'd tried it under Solaris. Under Linux, strip does seem
to eliminate most of them.

BTW: does _NDEBUG have anything to do with NDEBUG? If it
suppresses assertions, then it can't very well be used in
production code, can it?

they are not, provided you tell the compiler that you don't need him to
preserve the function names. (well, not sure if you can delete also the
names of the function linked dynamically on shared libraries, though...
probably not).

Obvoiusly not, I'd say. Also, you can't delete the names of
types, at least not if type_info::name () is still going to work.

same with assertions... anyway, for the dynamic linking, just my
ignorance on the topic (I don't really know about how it works the name
resolution on a shared library, there will be some version information,
as well as the exported symbols..)

Under Unix, all global symbols will be implicitly exported. (I'm
not too familiar with the GNU ld, but Sun's ld has options to
specify exactly what should and should not be exported.)

--
James Kanze (GABI Software) email:james.kan ze@gmail.com
Conseils en informatique orientée objet/
Beratung in objektorientier ter Datenverarbeitu ng
9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34

**Gennaro Prota** · May 31 '07, 09:55 AM

Re: obfuscation

On 31 May 2007 02:03:51 -0700, James Kanze wrote:

[in Visual Studio]
>BTW: does _NDEBUG have anything to do with NDEBUG?

It's _DEBUG, not _NDEBUG. In the two default configurations that the
wizards generate, the "debug" one has _DEBUG defined, the "release"
one has NDEBUG; so, yes, it isn't usable in production as I said in my
other post, except that it is, more often than not :-( (As I also said
in my other post the name "NDEBUG" is a tad misleading, but a
professional programmer is supposed to understand things a little
beyond the level of lexical suggestion)

--
Gennaro Prota -- C++ Developer, For Hire

Page not found - SourceForge.net

https://sourceforge.net/projects/breeze/

Free, secure and fast downloads from the largest Open Source applications and software directory - SourceForge.net

(replace 'address' with 'name.surname' to mail)

**Gennaro Prota** · May 31 '07, 10:15 AM

Re: obfuscation

On 31 May 2007 02:03:51 -0700, James Kanze wrote:

[in VC++]
>BTW: does _NDEBUG have anything to do with NDEBUG? If it
>suppresses assertions, then it can't very well be used in
>production code, can it?

<OT>
I forgot to add an important piece of information. The macro _DEBUG is
actually *implicitly defined* every time you use the /MTd or /MDd
options and says that a debug version of the CRT is used. That, of
course, also from the command line; the command line which results
from the wizard debug configuration has both /D "_DEBUG" and one of
the two options above (that's from personal observation, from VC6 to
VC8 --probably that's not documented and of course it's nothing to
count on without inspecting it personally).
</OT>

--
Gennaro Prota -- C++ Developer, For Hire

Page not found - SourceForge.net

https://sourceforge.net/projects/breeze/

Free, secure and fast downloads from the largest Open Source applications and software directory - SourceForge.net

(replace 'address' with 'name.surname' to mail)

**Zeppe** · May 31 '07, 10:25 AM

Re: obfuscation

James Kanze wrote:

BTW: does _NDEBUG have anything to do with NDEBUG? If it
suppresses assertions, then it can't very well be used in
production code, can it?

sure, it was a typo for NDEBUG, sorry (actual mix between _DEBUG and
NDEBUG :)

But I can't understand your sentence. Why should the assertions be
retained in the production code? It's a kind of debug stuff for me.. of
course I was referring actually to that, if you enables assertions (and,
for some other compiler, _DEBUG actually activates other types of
controls inside of the library) it's likely that some names and code
lines are stored in order to print something useful when an assertion is
thrown.

>same with assertions... anyway, for the dynamic linking, just my
>ignorance on the topic (I don't really know about how it works the name
>resolution on a shared library, there will be some version information,
>as well as the exported symbols..)

>
Under Unix, all global symbols will be implicitly exported. (I'm
not too familiar with the GNU ld, but Sun's ld has options to
specify exactly what should and should not be exported.)

Ah ok, thanks for the explanation ;)

Regards,

Zeppe

**Ian Collins** · May 31 '07, 10:25 AM

Re: obfuscation

Zeppe wrote:

James Kanze wrote:
>

>BTW: does _NDEBUG have anything to do with NDEBUG? If it
>suppresses assertions, then it can't very well be used in
>production code, can it?

>
sure, it was a typo for NDEBUG, sorry (actual mix between _DEBUG and
NDEBUG :)
>
But I can't understand your sentence. Why should the assertions be
retained in the production code? It's a kind of debug stuff for me.. of
course I was referring actually to that, if you enables assertions (and,
for some other compiler, _DEBUG actually activates other types of
controls inside of the library) it's likely that some names and code
lines are stored in order to print something useful when an assertion is
thrown.
>

Most application I have used retain assertions. There will always be
"can't happen" situations in the code where an assert is the only safe
option. If nothing else, they give an error message for users to report
when one fires.

Without the original source, file and line number isn't any use to
someone reverse engineering the code.

--
Ian Collins.

**Gennaro Prota** · May 31 '07, 10:45 AM

Re: obfuscation

On Thu, 31 May 2007 11:16:44 +0100, Zeppe wrote:

>sure, it was a typo for NDEBUG, sorry (actual mix between _DEBUG and
>NDEBUG :)
>
>But I can't understand your sentence. Why should the assertions be
>retained in the production code?

Uh? Did you mean "released" code? Why should they be removed?

--
Gennaro Prota -- C++ Developer, For Hire

Page not found - SourceForge.net

https://sourceforge.net/projects/breeze/

Free, secure and fast downloads from the largest Open Source applications and software directory - SourceForge.net

(replace 'address' with 'name.surname' to mail)

**JohnQ** · Jun 1 '07, 08:25 PM

Re: obfuscation

"James Kanze" <james.kanze@gm ail.comwrote in message
news:1180528868 .407325.193550@ q75g2000hsh.goo glegroups.com.. .

"The real question, of course, is why you'd want to obfuscate to
begin with."

To protect intellectual property: trade secrets, patents, copyrights...

John

**JohnQ** · Jun 1 '07, 08:25 PM

Re: obfuscation

"Zeppe" <zep_p@.remove. all.this.long.c omment.yahoo.it wrote in message
news:f3jdjf$m5k $1@aioe.org...

JohnQ wrote:

>"Ian Collins" <ian-news@hotmail.co mwrote in message
>news:5c4c19F2s sn56U50@mid.ind ividual.net...

>>JohnQ wrote:
>>>"Zeppe" <zep_p@.remove. all.this.long.c omment.yahoo.it wrote in message
>>>news:f3he3c$ d6t$1@aioe.org. ..
>>>>GK wrote:
>>>>>Hello,
>>>>>>
>>>>>Can anybody suggest a best code obfuscation tool based on their
>>>>>exeperienc e
>>>>>? (e.g.: testing effort after obfuscation is 0)
>>>>>>
>>>>My compiler obfuscates the c++ code quite well.
>>>I'll bet you haven't looked at your executables with an editor lately
>>>if
>>>you
>>>think that. If you leave it the way the compiler leaves it, you'll
>>>probably
>>>be able to generate class and function diagrams from the human-readable
>>>text
>>>in the code.
>>>>
>>Only if you leave debugging information in the executable. Otherwise
>>optimised code is all but impossible to reverse engineer.

>>
>You could be right! Thank you, I'll investigate that (or someone will
>follow-up post?). But if it's optimization that was your primary thought:
>I
>don't use any optimization compiler settings (I don't need to, and who
>does
>these days?).

>
there are reasonable motivations to use optimizations (and to remove debug
symbols) in the release versions of the programs:
1) why have a slow program when it can be faster?
2) why have a big program when it can be smaller?

If it's adequate, why take the risk of multi-threaded code not working
right?

John

**James Kanze** · Jun 2 '07, 01:45 PM

Re: obfuscation

On Jun 1, 10:16 pm, "JohnQ" <johnqREMOVETHI Sprogram...@yah oo.com>
wrote:

"James Kanze" <james.ka...@gm ail.comwrote in message

news:1180528868 .407325.193550@ q75g2000hsh.goo glegroups.com.. .

"The real question, of course, is why you'd want to obfuscate to
begin with."

To protect intellectual property: trade secrets, patents, copyrights...

And what does obfuscation change with respect to that? The
copyright is there, whether the code is obfuscated or not. It's
software, so it's not patentable in the civilized world. And
obfuscation doesn't affect the trade secret status either.

About the only real reason I know for obfuscation is that you're
ashamed of the quality, and don't want the customer to be able
to see how bad it is.

--
James Kanze (Gabi Software) email: james.kanze@gma il.com
Conseils en informatique orientée objet/
Beratung in objektorientier ter Datenverarbeitu ng
9 place Sémard, 78210 St.-Cyr-l'École, France, +33 (0)1 30 23 00 34

**BobR** · Jun 2 '07, 09:45 PM

Re: obfuscation

James Kanze <james.kanze@gm ail.comwrote in message ...
/* """
On Jun 1, 10:16 pm, "JohnQ" <johnqREMOVETHI Sprogram...@yah oo.com>
wrote:

"James Kanze" <james.ka...@gm ail.comwrote in message...

"The real question, of course, is why you'd want to obfuscate to
begin with."
To protect intellectual property: trade secrets, patents, copyrights...

And what does obfuscation change with respect to that? The
copyright is there, whether the code is obfuscated or not. It's
software, so it's not patentable in the civilized world. And
obfuscation doesn't affect the trade secret status either.

About the only real reason I know for obfuscation is that you're
ashamed of the quality, and don't want the customer to be able
to see how bad it is.
"""*/

OP (if your code's that bad):
Do the "Cheshire cat" boogie!!

"Cheshire cat" == handle classes.
--
Bob R
POVrookie

obfuscation

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment