How to protect an EXE file created using deploytool
古いコメントを表示
How can we optimally protect our EXE file generated using deploytool? What is the best practice? I am aware that it almost impossible to have a fully-protected EXE file created using Matlab deploytool. Am I right?
採用された回答
Jan
2018 年 9 月 17 日
1 投票
As soon as we explain the "best practice" to protect an executable, the methods are known in public, which makes it easier to find a workaround. In consequence, the formerly "best" practice is flawed.
As long as executables cannot be protected perfectly, all trials to do so involve some obfuscation. How this can be done, depends on what you try to protect the software from: Copying? Using outside a specified range of time? Reverse engineering? Creating different results on different hardware?
Start with defining, what you want to protect and how much time and money it is worth to spend for this protection.
2 件のコメント
Jan
2018 年 9 月 20 日
So "cracking" means to get access to the source code in your case? Please explain exactly what you want protect the code from.
The m-files contained in the exe-file have a readable help section, but the code is encrypted. So there is no need for p-coding. You can strip off the comments instead. If the exe files contains the p-files directly (I did not check this, but you can do it), then the protection level might be lower. Do not overestimate the encryption level of p-files.
Trying to crack your exe file would mean a reverse engineering of the method the data are encrypted by compiling. I've confirmed the license conditions of Matlab, which forbid a reverse engineering. In consequence cracking is illegal, even if you ask me to examine a program you have written. Sharing how this would work with you or in public would not be legal also. Therefore I suggest to discuss this with the technical support of MathWorks.
I assume, that I'm not even allowed to crack my own executables and p-files. Therefore I'm using an old-school protection method for my code: a non-disclosure-agreement printed on paper and signed by hand. Each of the M-files I deliver contains the name of the customer and a HMAC hash. This works nicely and trustworthy with a limited number of customers.
Professional software relies on 2 mechanisms to limit the use to a specific range of time: The check the current date as relied by the operating system or by an internet service. The latter has the disadvantage, that it works online only. The first suffers from the very easy method to reset the date during the test. Therefore it is essential not to reveal, when the test of the date is performed. Do not let a program stop immediately after a failing test to avoid giving the cracker valuable hints. In addition to checking the current date, you can compare the date of the newest files in TEMP or the last date of e.g. Windows Updates in addition. This reduces the chance to be successful with just resetting the date temporarily.
You can provide obfuscated M-code in clear text easily: Remove the comments, rename the important variables to "c1, c2, ...", remove the line breaks (you need them only before the "function" keyword. Then a reverse engineering of 20'000 lines is most likely more expensive than re-writing the code from scratch.
Remember that even the highly skilled professionals in this forum fail frequently to understand the purpose of the code posted in this forum, when it exceeds 20 lines, does not contain comments and contains some eval commands. ;-)
その他の回答 (1 件)
Walter Roberson
2018 年 9 月 17 日
1 投票
It is not possible to have a fully protected program written in any programming language including assembler, at least not without hardware support such as sealed circuits in radiation hardened devices and deliberate hardware routings to prevent analysis of timing to figure out what instruction is executing.
カテゴリ
ヘルプ センター および File Exchange で MATLAB Compiler についてさらに検索
Translated by 
