Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Tamper-Proofing Deployed 2-year Anniversary Report

Published byBaldwin Patrick Modified over 5 years ago

Similar presentations

Presentation on theme: "Software Tamper-Proofing Deployed 2-year Anniversary Report"— Presentation transcript:

1 Software Tamper-Proofing Deployed 2-year Anniversary Report
Macrovision Corporation Patrice Capitant VP Engineering

2 Agenda SafeDisc The Hacker World Hacker Tools & Security Risks
SafeDisc Deployment In The Field The Lessons Recommendations SafeDisc 2.0 Summary

3 SafeDisc Copy Protection of PC games on CD.
Applied to more than 51 million units over 20 months Applied to more than 300 titles More than 100 SafeDisc replication facilities worldwide

4 The Hacker World Super-Hackers (The White Knights) Custom Tools
Organized (suppliers, crackers, coders, web hosters) Friendly competition but cooperation on tough problems Custom Tools Debuggers & add-ons (anti-debugger aids, memory dumps...) Advanced Hex-editors Packers & unpackers (PEcrypt, Procdump,…)

5 The Hacker World Hacker’s goals: to beat and humiliate you
Generate tamper-proof patches Generate essays on your technology Generate essays on hack techniques

6 Hackers’ Application Form – Part 1
: :[ #HUMMERS_WareZ ]:. : :[ Application Form ]:. § § WE'RE LOOKING FOR: Suppliers, Web Hosters, Crackers, Coders Check the position(s) you want to apply for, look for the section & answer the questions. : []Topsite FTP Courier X1 : X2 : X : : []Web Hoster X1 : X3 : X : : []Site Operator X1 : X4 : X : : []Shell Supplier X1 : X5 : X : : []Supplier X1 : X6 : X : : []Cracker X1 : X7 : X : : []Coder X1 : X8 : X : : []Other X1 : X9 : X :

7 Hackers’ Application Form – Part 2
X1. Information : Real Name [ ] : Nick [ ] : [ ] : IP Mask [ ] : ICQ Number [ ] : Connection speed [ ] : Years of experience in warez? [ ] : Have you been or are you in a group right now? [ ]-YES [ ]-NO : What Groups? What Position? Groups [ ] Position [ ]

8 Hackers’ Application Form – Part 3
X2. Topsite FTP Courier : Do you have access to new, 0-min warez? [ ]-YES [ ]-NO : How many mb can you curry in a week? [ MBS ] : Name the sites you are on? #1-[ ] #2-[ ] #3-[ ]

9 Hackers’ Application Form – Part 4
X3. Web Host : Can you host the page 24/7? []-YES []-NO : Space Available for the page [ MBS ] : Any other information? (Domain name, etc) [ ]

10 Hackers’ Application Form – Part 5
X4. SiteOp : Connection Speed: (cable users need not apply) []T1 []T3 []OC+ : Operating System (Check all that apply) [ ]Windows 3.1x/95/98 [ ] Any Nix os (Please Specify) [ ] [ ]Other(Please Specify) [ ] : Space Available for the group … [ GIGS ] : Will your site be dedicated to HUMMERS only? [ ]-YES [ ] –NO : Will your site be up 24/7? If not,how often? [ ]-YES [ ]-NO Hours up-[ ] : How many users can your site support at a time?-[ ] : What is the ip and login info of your site? (look only account) IP: [ ] LOGIN: [ ] PASS: [ ]

11 Hackers’ Application Form – Part 6
X5. Shell Supplier : Do you own a shell? [ ]-YES [ ]-NO : How many 24/7 bots do you have on your shell?-[ ]

12 Hackers’ Application Form – Part 7
X6. Supplier : What can you supply? [ ] : How much can u supply in a day/week?-[ ] : Will you supply on demand? [ ]-YES [ ]-NO

13 Hackers’ Application Form – Part 8
X7. Cracker : How long have you been hacking/cracking?-[ ] : How many applications have you cracked?-[ ] : How many games have you cracked?-[ ] : What are the last last three games/apps you've cracked? #1-[ ] #2-[ ] #3-[ ] : Are you willing to demonstrate your skills to a Senior in HUMMERS? []-YES []-NO

14 Hackers’ Application Form – Part 9
X8. Coder : What do you use to code? (Programs) [ ] : Do you have examples of your work? : []-YES []-NO (If yes, please include one with this app) : How fast can you start and finish a good program for the group?

15 Hackers’ Application Form – Part 10
X9. Other : What other thing can you do that is not listed? [ ] [ ]

16 Hackers’ Application Form – Part 11
X10. Hand-in App Now rename this yournick.txt and copy and paste, then send it to with "HUMMERS APPLICANT" as your subject. § § ©1998 [HUMMERS_Warez]

17 Hacker Tools & Security Risks
Debuggers Disassemblers File Level Attacks Memory Lifts Spoofing Cryptographic Attacks Procedural

18 Debuggers Step through code Set memory and code breakpoints
Disassemble code Change operation of code General experimentation tool e.g. SoftIce, TRW and Microsoft debuggers

19 Disassemblers Can analyse security code in a file on hard drive
Allow authentication and security code to be easily patched and recompiled Help remove obfuscation code e.g. idapro

20 Spoofing Spy programs used to monitor application calls to system functions Spoof program intercepts calls and returns data expected for an authentication e.g. frogsice, spy32

21 Memory Lifts Copies decrypted application (or sections) from memory to a file. Reconstructs the remainder of the application Can memory lift security code or protected application e.g. procdump

22 Cryptographic Attacks
Use of cryptographic techniques to analyse encrypted-protected applications Use of cryptographic techniques to find decryption keys

23 Procedural Leaks from publishers Release of demo builds
Publishing cracks on the WWW Publishing cracker tools

24 SafeDisc Deployment Successful Pre-release Testing… …Conclusions:
Software successfully tested by single hackers and corporate entities (Microsoft, Alladin) over 2-month period …Conclusions: It will take a very long time to crack: There is plenty of time to add security features If a crack occurs, patching the security hole will be sufficient

25 In The Field First hack after 6 month.
Three generic hacks over two years, all patched. All hacks limited to Super-Hackers. Time to Hack keeps decreasing.

26 The Lessons Super-Hackers can’t spell
Super-Hackers will work together: You are facing large skilled groups not individuals Hacks are more than one break: Frequently reflect systematic understanding of whole security system

27 The Lessons Hacks are more a matter of “when” than “if”
Essays on your security techniques will be published Patches will be tamper-proofed (just to show you)

28 The Lessons (cont.) Security hardness when raised to the level of Super-Hackers Diminishes number of hacks Diminishes distribution sites for patches Deters cautious users from applying patches

29 Recommendations Be proactive: Be patient: Focus on slowing down hacks:
New security techniques must be added frequently Expect to develop major changes in security architecture on a regular basis Be patient: Monitor hackers techniques & tools Devise multiple techniques before releasing counter-attack Focus on slowing down hacks: Put as many layers of security as you can in all critical areas Focus on limiting hack effectiveness: Use polymorphism: Each installation is different Dedicate resources to monitor and close Web sites

30 SafeDisc 2.0 Enhanced automated wrapping tool
Added DLL and data protection Additional security layers in each critical area Debuggers, disassemblers, spoofing, memory lifts & cryptographic attacks Heavier use of polymorphism Same program against hackers sites New SDK for publishers Additional security (level 1-3) for identified functions Additional media signatures for both data & audio

31 Summary SafeDisc hacks limited to a small group of Super-Hackers
Original strategy focused on preventing all hacks Did not put a boundary on time to hack Second generation tamper-proofing just released Focuses on limiting time to hack

32 Conclusion The more you learn, The more you learn you have to learn

Download ppt "Software Tamper-Proofing Deployed 2-year Anniversary Report"

Similar presentations

Implementing Tableau Server in an Enterprise Environment

Implementing Tableau Server in an Enterprise Environment
Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.

HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.
Compliance and Robustness Rules for Windows Media DRM Implementations Microsoft Corporation.

Compliance and Robustness Rules for Windows Media DRM Implementations Microsoft Corporation.
Software Tamper-Proofing Deployed 2-year Anniversary Report Macrovision Corporation Patrice Capitant VP Engineering.

Software Tamper-Proofing Deployed 2-year Anniversary Report Macrovision Corporation Patrice Capitant VP Engineering.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
INTERNET INFORMATION ACCESS How to avoid and eliminate common problems confronting usage of modern resources to access the Internet.

INTERNET INFORMATION ACCESS How to avoid and eliminate common problems confronting usage of modern resources to access the Internet.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
Lecture 7 Evaluation. Purpose Assessment of the result Against requirements Qualitative Quantitative User trials Etc Assessment of and Reflection on process.

Lecture 7 Evaluation. Purpose Assessment of the result Against requirements Qualitative Quantitative User trials Etc Assessment of and Reflection on process.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Windows Server MIS 424 Professor Sandvig. Overview Role of servers Performance Requirements Server Hardware Software Windows Server IIS.

Windows Server MIS 424 Professor Sandvig. Overview Role of servers Performance Requirements Server Hardware Software Windows Server IIS.
UC Security with Microsoft Office Communication Server R1/R2 FRHACK Sept 8, 2009 Abhijeet Hatekar Vulnerability Research Engineer.

UC Security with Microsoft Office Communication Server R1/R2 FRHACK Sept 8, 2009 Abhijeet Hatekar Vulnerability Research Engineer.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.

Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
Introduction to Windows XP Professional Chapter 2 powered by dj.

Introduction to Windows XP Professional Chapter 2 powered by dj.
Windows XP Professional Windows XP Professional Overview Install and Upgrade Windows XP Pro Customize and Manage Windows XP Pro Troubleshoot Common Windows.

Windows XP Professional Windows XP Professional Overview Install and Upgrade Windows XP Pro Customize and Manage Windows XP Pro Troubleshoot Common Windows.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

Similar presentations

Ads by Google