[Chugalug] Dropbox (and other Python Apps) Reverse-Engineered
stewartbenjamin at gmail.com
Wed Aug 28 13:33:27 UTC 2013
That was my suspicion. So then, when you go on the defensive, what do you
do? How do you build a system that, even when you can see clearly into it,
provides reasonable security?
On Wed, Aug 28, 2013 at 9:09 AM, Dave Brockman <dave at brockmans.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 8/28/2013 8:49 AM, Benjamin Stewart wrote:
> > Interesting read, thanks for posting!
> > Question for the security programmer folks: Are there code
> > obfuscation techniques, for Python or other languages, that
> > actually work against such a determined attacker, or is this
> > DropBox client pretty close to "state of the art?"
> Short answer is no. Given enough time, determination and debugger, at
> the very least, whatever assembly code your obfuscated code produces
> can be captured.
> > You can't really just say "don't use Python," because C et al. can
> > be decompiled, too.
> If it's software, it can be decompiled....
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
> -----END PGP SIGNATURE-----
> Chugalug mailing list
> Chugalug at chugalug.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Chugalug