Checksum testing

10 comments, last by Deprecated 12 years, 3 months ago

[quote]
Is it possible for a hacker to modify the executable in a way that all kinds of checksum tests are useless?

If yes, how?
[/quote]

Through least possible effort. Hash too strong? Attack validation mechanism. Mechanism too strong? Attack the hash. Both too strong? Buy a wrench.

Is content downloaded? Poison DNS, perform social attack on GoDaddy, rely on memory corruption to resolve wrong IPs, serve your fake content from there without restrictions. Using SSL? Steal a root certificate and spoof that.

All security attacks are about exploiting the weakest link.
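
An added illustration (not part of the thread) of the "attack the validation mechanism" point in the reply above: a checksum stored inside the file it protects still passes once the file is changed and the digest recomputed, while a keyed tag held by a separate verifier does not. The sample bytes, key and function names are constructed for this example, and it assumes the verifying code and key sit on a trusted host, which a self-check running inside the modified executable cannot assume.

```python
import hashlib
import hmac

# Constructed sample data: stands in for an executable image (not a real binary).
ORIGINAL = b"\x7fELF...constructed sample image: license_check=ENABLED"
TAMPERED = ORIGINAL.replace(b"ENABLED", b"PATCHED")

# Assumption: this key lives only on the trusted verifier (build server,
# launcher service), never inside the file being checked.
VERIFIER_KEY = b"constructed-demo-key-not-a-real-secret"


def pack_with_checksum(image: bytes) -> bytes:
    """Weak layout: the SHA-256 reference value travels inside the same file."""
    return image + hashlib.sha256(image).digest()


def check_embedded_checksum(blob: bytes) -> bool:
    """Self-check: compares the image against the digest stored next to it."""
    image, stored = blob[:-32], blob[-32:]
    return hmac.compare_digest(hashlib.sha256(image).digest(), stored)


def make_tag(image: bytes, key: bytes) -> bytes:
    """Keyed tag computed by the trusted side and stored apart from the image."""
    return hmac.new(key, image, hashlib.sha256).digest()


def check_detached_tag(image: bytes, tag: bytes, key: bytes) -> bool:
    """External check: the reference tag cannot be recomputed without the key."""
    return hmac.compare_digest(make_tag(image, key), tag)


def demo() -> dict:
    trusted_tag = make_tag(ORIGINAL, VERIFIER_KEY)  # recorded at release time
    # Whoever can rewrite the file can also rewrite the digest appended to it.
    repacked = pack_with_checksum(TAMPERED)
    return {
        "embedded_original": check_embedded_checksum(pack_with_checksum(ORIGINAL)),
        "embedded_tampered": check_embedded_checksum(repacked),
        "detached_original": check_detached_tag(ORIGINAL, trusted_tag, VERIFIER_KEY),
        "detached_tampered": check_detached_tag(TAMPERED, trusted_tag, VERIFIER_KEY),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'pass' if ok else 'FAIL'}")
```
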
Self-encrypting Code to Protect Against Analysis and Tampering (J. Cappaert, et al.) comes to mind.

A simpler way to provide strong security against reverse-engineering would be polymorphic encryption. Oddly enough, it's a technique that originated from the malware hobbyists, and although it's nowadays used by serious software developers, a lot of good documentation and examples can be found on sites focusing on malware development and (software) security analysis.

It is disputed whether or not it is possible to create software that can't be detected and therefore analyzed (see Blue Pill malware), although it is possible to protect the code well enough that the effort of cracking it outweighs the worth of cracking it.


Although you could write every single function of your program so that it could be encrypted and loaded into memory only one function at a time (which makes both recursion and object-oriented programming impossible, by the way), it is highly unlikely that you'll find a graphics library that works with that kind of programming. It is also highly unlikely that you'll need that kind of security. As frob said, you need to consider who you're protecting yourself from and how much your data/code is worth to them.
Those who can do, do; those who can't do, do teach.
