Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reverse Engineering v/s Secure Coding.. What is Secure Coding? Is Secure Coding simply avoiding certain already discovered vulnerable functions? Is Secure.

Published byElvin Burns Modified over 9 years ago

Similar presentations

Presentation on theme: "Reverse Engineering v/s Secure Coding.. What is Secure Coding? Is Secure Coding simply avoiding certain already discovered vulnerable functions? Is Secure."— Presentation transcript:

1 Reverse Engineering v/s Secure Coding.

2 What is Secure Coding? Is Secure Coding simply avoiding certain already discovered vulnerable functions? Is Secure Coding simply avoiding certain already discovered vulnerable functions? What about Tons of Commercial applications that are released everyday? What about Tons of Commercial applications that are released everyday? Software Crackers (Reverse Engineers) causing Millions of Dollars of loss Globally due to Software Piracy. Software Crackers (Reverse Engineers) causing Millions of Dollars of loss Globally due to Software Piracy. Are you Programmers taking your Job seriously? Are you Programmers taking your Job seriously?

3 Cryptography?...Hmm… Cryptography in Application Registration routines don’t make sense. Cryptography in Application Registration routines don’t make sense. Cryptographic Algorithm adds to the applications’ size & is Processor intense. Cryptographic Algorithm adds to the applications’ size & is Processor intense. Cryptographic Algorithm in Registration routines can be either completely ripped off or totally bypassed and they pose no challenge to a Cracker. Cryptographic Algorithm in Registration routines can be either completely ripped off or totally bypassed and they pose no challenge to a Cracker.

4 Packers & Protectors? What are Packers? What are Packers? What are Protectors? What are Protectors? Packers make Sense but Protectors don’t ! Packers make Sense but Protectors don’t ! Packers == very easy to defeat. Packers == very easy to defeat. Protectors == who cares to defeat ? Protectors == who cares to defeat ? Virtual Machines?.... Not again! Virtual Machines?.... Not again!

5 .Net & Java == Not Cool? Decompilation & not Disassembling. Decompilation & not Disassembling..Net is M$’s take on Java..Net is M$’s take on Java..class files &.net executables rely heavily on Runtime Environment Components..class files &.net executables rely heavily on Runtime Environment Components. Damn easy to break code and Damn tough to prevent us from Tampering with your App. Damn easy to break code and Damn tough to prevent us from Tampering with your App.

6 Mobile Devices…. Yeah! Sony Ericsson’s “.Sest” Feature talked about for the first time ever! Sony Ericsson’s “.Sest” Feature talked about for the first time ever! J2me applications built for Mobile Devices should be “Freewares”. J2me applications built for Mobile Devices should be “Freewares”. J2me Trojans can be very easy to code. J2me Trojans can be very easy to code. Don’t even want to talk about Sony Ericsson & Siemens’ “Phone Modding”. Don’t even want to talk about Sony Ericsson & Siemens’ “Phone Modding”.

7 Can I Tackle R.E ? Technically Speaking? No you Can’t! Technically Speaking? No you Can’t! Logically ? Bore us to Death! Logically ? Bore us to Death! How? How? a] Use spaghetti Code. a] Use spaghetti Code. b] Jump all over the Place. b] Jump all over the Place. c] Learn Polymorphism. c] Learn Polymorphism. d] Learn to use your “Imagination” as a tool. d] Learn to use your “Imagination” as a tool. e] Think like a Reverse Engineer! e] Think like a Reverse Engineer!

8 “Thinking Before Writing, saves the time spent in Editing.” –Pirated. Thank You. Atul Alex Cherian, www.OrchidSeven.comwww.OrchidSeven.com. www.OrchidSeven.comPh:9860056788. Atul.alex@orchidseven.com

Download ppt "Reverse Engineering v/s Secure Coding.. What is Secure Coding? Is Secure Coding simply avoiding certain already discovered vulnerable functions? Is Secure."

Similar presentations

Dynamic Analysis of Windows Phone 7 apps Behrang Fouladi, SensePost.

Dynamic Analysis of Windows Phone 7 apps Behrang Fouladi, SensePost.
Implications and Security Issues of the Internet By Neelesh Patel.

Implications and Security Issues of the Internet By Neelesh Patel.
Samford University Virtual Supercomputer (SUVS) Brian Toone 4/14/09.

Samford University Virtual Supercomputer (SUVS) Brian Toone 4/14/09.
Will Wireless Gaming Be a Winner? February 1, 2007 Sumit Rohit Thaker Sung Ho Hwang.

Will Wireless Gaming Be a Winner? February 1, 2007 Sumit Rohit Thaker Sung Ho Hwang.
IS Terms and Introductory Concepts. Contemplative Questions What is an information system? What is an information system? Why do we care about the difference.

IS Terms and Introductory Concepts. Contemplative Questions What is an information system? What is an information system? Why do we care about the difference.
For more Lectures and Notes Visit www.basicsofprogramming.wordpress.com.

For more Lectures and Notes Visit
Reverse Engineering Ian Kayne For School of Computer Science, University of Birmingham 2 nd February 2009.

Reverse Engineering Ian Kayne For School of Computer Science, University of Birmingham 2 nd February 2009.
© 2014 The MITRE Corporation. All rights reserved. Approved for Public Release: Case #13-4177 iOS App Integrity – Got Any? Research Team: Gregg Ganley(PI)

© 2014 The MITRE Corporation. All rights reserved. Approved for Public Release: Case # iOS App Integrity – Got Any? Research Team: Gregg Ganley(PI)
Senior Design May 12-08 AbstractDesign Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren Our project is to develop a working emulator for an Android.

Senior Design May AbstractDesign Alex Frisvold Alex Meyer Nazmus Sakib Eric Van Buren Our project is to develop a working emulator for an Android.
01 Introduction to Java Technology. 2 Contents History of Java What is Java? Java Platforms Java Virtual Machine (JVM) Java Development Kit (JDK) Benefits.

01 Introduction to Java Technology. 2 Contents History of Java What is Java? Java Platforms Java Virtual Machine (JVM) Java Development Kit (JDK) Benefits.
Online Job Portal with Exam

Online Job Portal with Exam
Advanced OOP MCS-3 OOP BSCS-3 Lecture # 1

Advanced OOP MCS-3 OOP BSCS-3 Lecture # 1
Code Injection and Software Cracking’s Effect on Network Security Group 5 Jason Fritts Utsav Kanani Zener Bayudan ECE 4112 Fall 2007.

Code Injection and Software Cracking’s Effect on Network Security Group 5 Jason Fritts Utsav Kanani Zener Bayudan ECE 4112 Fall 2007.
Chapter 0: Introduction CSCI-UA 0002 – Introduction to Computer Programming Mr. Joel Kemp.

Chapter 0: Introduction CSCI-UA 0002 – Introduction to Computer Programming Mr. Joel Kemp.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Trying to like a boss… REVERSE ENGINEERING. WHAT EVEN IS… REVERSE ENGINEERING?? Reverse engineering is the process of disassembling and analyzing a particular.

Trying to like a boss… REVERSE ENGINEERING. WHAT EVEN IS… REVERSE ENGINEERING?? Reverse engineering is the process of disassembling and analyzing a particular.
Application Security Tom Chothia Computer Security, Lecture 14.

Application Security Tom Chothia Computer Security, Lecture 14.
1 Developing Native Device for MPJ Express Advisor: Dr. Aamir Shafi Co-advisor: Ms Samin Khaliq.

1 Developing Native Device for MPJ Express Advisor: Dr. Aamir Shafi Co-advisor: Ms Samin Khaliq.
A Survey of Mobile Cloud Computing Application Models

A Survey of Mobile Cloud Computing Application Models
CSCE 548 Code Review. CSCE 548 - Farkas2 Reading This lecture: – McGraw: Chapter 4 – Recommended: Best Practices for Peer Code Review,

CSCE 548 Code Review. CSCE Farkas2 Reading This lecture: – McGraw: Chapter 4 – Recommended: Best Practices for Peer Code Review,

Similar presentations

Ads by Google