Menu

IT Hare on Soft.ware

Tap to confirm selection

Subscribe:

Your mileage may vary. Batteries not included
Author:
Species:
H.A.R.E. (as "Honest And Restless Engineer")
Job Title:
Sarcastic Architect
Hobbies:
Thinking Aloud
,
Arguing with Managers
,
Annoying HRs
,
Calling a Spade a Spade
,
Keeping Tongue in Cheek
'No Bugs' Bunny

Once upon a time, in a rabbit outsourcing warren of Bunnylore, there was a young software developer bunny. And as a developer, he has had one very unusual treat: he was obsessed with eliminating all the bugs he can get his forelegs on. So, it is not surprising that his friends called him a “No Bugs” Bunny (or simply “NoBugs”).

Later on, he grew up, so he decided that “Bunny” in his name has became inappropriate (not to mention potential arguments with Warner Brothers), so he has asked all his friends to call him “No Bugs” Hare. He has made a career as a team lead and software architect, and they lived happily ever after.


“No Bugs” Hare Opera Omnia, Vol.1:

Bot Fighting 201: Declarative Data+Code Obfuscation with Build-Time Polymorphism in C++

Quote:
“Technically, what we’re looking for here, is any kind of bijection; we’ll use this bijection to convert our data from one representation into another one (and as it is a bijection, we can revert it later).”
Another Quote:
“As we’re not writing our obf<> classes manually (instead, we have a code generator doing it for us on each build), the sky is the limit to the obfuscations we can generate.”

Bot Fighting 103. Code Integrity Checks, Code Scrambling

Quote:
“Bingo! We’ve got an executable, which automagically performs TONS of integrity checks, which checks are spread all over the executable, and are extremely non-obvious too.”
Another Quote:
“This approach of ‘not revealing code until attack costs are high’ is certainly not limited to payments.”

Bot Fighting 102: System-Specific Kinda-Protection. Anti-Debugger, Anti-DLL-Injection, VM Detection.

Quote:
“it is fundamentally impossible to prevent (or detect) debugging, at least as long we’re staying on one single box.”
Another Quote:
“DON’T spend more than 10% of your overall anti-bot-fighting time budget on system-specific protections.”