I am searching for the best way to merge two parts of software together, so it would be as hard as possible to separate them again through reverse engineering. At the moment are both parts python, but open minded for anything else.
3
- There is no generic way to merge a security feature into a software as the title of the question seem to ask. As for your specific feature "dead man switch" - it is unclear to me what it should do in the first place. But since you seem to be worried about someone removing this feature it does not sound like an actual security feature to me (i.e. improve security) but more like restricting the user, like enforcing a license or so. This is not about information security then in the first place, i.e. off-topic. Maybe I'm interpreting the question in the wrong way though, so please clarify.Steffen Ullrich– Steffen Ullrich2023-01-21 07:10:19 +00:00Commented Jan 21, 2023 at 7:10
- I have edited my question and described it in as much detail as possible. If you have any other questions, just ask.127 001– 127 0012023-01-21 07:58:14 +00:00Commented Jan 21, 2023 at 7:58
- 1Thanks for the update. I still don't really understand it. What is the purpose of protecting the program itself? Shouldn't be the main point the protection of data which are processed/used by the program? But I don't see anything about data here, i.e. data like secrets used for access other systems, invoke actions, encrypt files ... Because - if it is just about the protecting the program then what hinders an attacker to create a similar program?Steffen Ullrich– Steffen Ullrich2023-01-21 08:02:28 +00:00Commented Jan 21, 2023 at 8:02
Add a comment |
1 Answer
Any potential attacker worth anything will make a forensic image of the full drive and use that to create his working copies. This will happen before the program (or the OS) ever starts.
Regardless of any lockout mechanisms you implement there is always a clean copy available to continue the analyzing/executing cycle.
Therefore the steps in your clarification (forensically secure) can not be achieved.
