|
|
|
|
#1
02-17-2011, 02:44
|
|||
|
|||
|
Oh, I see your point. Yes, the fact that WL is pretty good documented (quo, Deathway, ...) doesn't say it's less secure. Security by obscurity usually doesn't work in cryptography, why would it be any better in RCE.
 Edit: Other way round, sometimes security by obscurity is all you can rely on in RCE. Disproving my own arguments, that's the way to go! I just compared VMs from what I know about them and RISC seems to be way more confusing than VMP. 
|
|
#2
02-17-2011, 05:15
|
|||
|
|||
|
Definitely, the RISC VM is awesome. Well coded and most awesome, you can see the work that has gone into it. And a lot harder than anything VMP has.
But mostly actually the good stuff in VMprotect is stolen from other protections. It's heap antidump comes from Winlicense and it's CPUID comes from securom. Also it's obfuscation is retarded. It's VM is pretty OK though, they do a good job confusing you at first. And the fact it's VM exits have the same signature as their main handler is nice. It's not bad and with the info around perhaps harder than WL, but imho it's a lot worse.
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How come new registrants given "guest" rank and not even a "friend" rank? | OldieHans | General Discussion | 4 | 09-25-2023 12:19 |
| When use "vendor defined encryption routines", how to set daemon related part? | bridgeic | General Discussion | 6 | 01-22-2015 11:35 |
| Wlscgen: Are "Vendor Id" and "Developer Id" different ? | Numega Softice | General Discussion | 6 | 02-12-2007 18:12 |
Hybrid Mode
