![]() ![]() ![]() In the paper he provides an example how safe security could be analyzed. The concept is nothing new, Bruce Schneier wrote a paper about " Attack Trees" back in 1999. There is a fancy term for that - threat modeling. ![]() What do I want to protect? Against whom? For how long? What kind of loss is acceptable to me? What the authors should do instead is stop and think. Oh no, someone stole my code again! Let me add another layer of encryption over it! Few days/weeks/months later - Those bloody hackers won't stop! Let me protect my encryption code with another encryption! I've heard that cryptography is good, so I'll use that. Their logic is like this - someone stole my code, I better protect it. Protection authors are so focused on improving one specific aspect of the protection that completely overlook other, much easier ways how the system can be defeated. Every once in a while I encounter a strange anti-reverse engineering protection. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |