Obfuscation in Code – Gigawidget Modules

When it comes to binary code used to hand out instruction sets to other processors or PROM’s, sometimes a special form of obfuscation is implemented to protect the code or technology being dealt with from being reverse engineered.  This type of obfuscation used in code is called Gigawidget modules.  The purpose of these modules is pure.  They’re build to confuse.  Readable program instructions are fed thru a Gigawidget (obfuscation module) and come out the other side broken.  Not broken in the aspect of not working, but broken such that reverse engineering is difficult for a computer to accomplish and likely impossible for a human.

Early design of these Gigawidgets included techniques such as identifier alias formatting, character shifting or even encryption of some kind.    Advanced Gigawidget technology essentially stays several steps ahead of the reverse path and provides multiple “honey pot” trails off each path.  This type of Gigawidget module is most commonly implemented when the investment is large, or the technology is extremely proprietary (usually go hand in hand anyway I guess).

One interesting note on Code Gigawidget Modules with respect to .net.  The platform Microsoft has put together makes tremendous use of meta data inside it’s framework.  Or we humans do I should say.  As this use of Meta Data is essentially required for this framework to be multi-linqual, multi-cultural and multi-billion dollar profit center for Microsoft, they’ve established a large pool of “easy to read” code.  e.g.  weak Gigawidget module.  The result is a fairly easy reverse engineering path to follow.  Well documented with all that meta data.  Perhaps we shouldn’t try to run the DOD on .net after all.

One Trackback

  1. By sraugust on December 6, 2008 at 12:19 am

    I appreciate the comments, though don’t agree w/ them all. Sometimes you have to look a little deeper, my experience, when setting up schemes used in hardware/code protection. Still good info. thx

Post a Comment

You must be logged in to post a comment.