Is exe compression safe ?

[hypheni]

I use exe compressor (PE Compact) to compress my win32 dialog based application so that no one can view the dialog resources using resource hacker or similar and thus no chance of resource editing. This process also compress the exe size. But will this lead to failure some meets or quality of my application?. I tried this with my 2 applications and both of them works fine with those compressed exe.

But still I want to clarify myself if Im wrong anywhere.

[ahmd]

It's safe only against an amateur hacker. In general you should know that there's no such software protection that cannot be broken into. There are many articles on the web dealing with the issue. From my personal experience, it's not worth investing into encryption of an executable and I'd rather enhance the software itself and attract more users that way. If someone wants to break into it and get it for free, then so be it, that will be offset by an influx of legitimate users. In the meantime to combat piracy you can change the registration mechanism in each new release to prevent Internet freebies from already broken registration codes.

In case of guarding against changes done to the resources you can calculate the CRC on the executable and if it doesn't match the original value issue a message to contact your tech support and exit. It is not an accepted way to do things in a modern Windows environment but it worked for me in one of the older projects.

[hypheni]

Okay. Nice info.

In case of guarding against changes done to the resources you can calculate the CRC on the executable and if it doesn't match the original value issue a message to contact your tech support and exit. It is not an accepted way to do things in a modern Windows environment but it worked for me in one of the older projects.

Can you explain it a bit more. How do I calculate CRC ?.

[cilu]

CRC is a checksum, a value that you compute with some algorithm and used as a quick way to validate your data. If the data changes, the checksum computed with the same algorithm will be different. There are lots of ways to compute a CRC. For instance, you can use a 1 byte CRC and sum all the bytes in your data (in this case your executable). Or you can XOR all the bytes in your data. Other algorithms involve using tables to lookup for values to sum. You can also use MD5 or SHA1 hashes.

[OReubens]

Exe compressers offer a very thin layer of protection.
this packer in specific does little these days, there's a generic unpacker available which last I checked is free.

There's nothing neccessarily wrong with compressing exes, you do need to realise however that this does mean the entire exe essencially becomes "private data", and thus increases the memory consumption of your exe. You can mostly ignore this, but if your software will be running in a terminal server type environment, this can be a big deal.

If you want to prevent tampering, then I'd recommend digitally signing your exe. At least if someone DOES change your program either they also have to remove the digital sign (showing the exe didn't come from you and thus you can't take responsability) or it'll be obvious the exe is tampered with.

If you want to prevent people changing your dialog. Then an easy way out is to not use resources, but create your dialog through code. Alternatively, encrypt only the (compiled) dialog resource, decrypt at runtime and create the dialog explicitely with your template rather than with an ID.


There's many forms of protection, the questions you need to answer are:
How much time are you prepared to invest in protection ?
What do you really want to protect ?
Who do you really want to protect from ?

The bad answer is that there's NO way you can make your program SO secure that NO dedicated hacker will ever break it.
Unless you're experienced in the matter, you're likely going to spend hours/days into protections that won't be any kind of protection at all.
There's a good change that your protection will be broken faster than it took you to create this protection. Knowing how to protect, pretty much means you need to know the other side very well and thus need experience with.. 'reverse engineering'... to give it a name without the negative sound to it.

I have personally witnessed companies spend huges sums of money and many man hours of labour into protection schemes. Then see this very protection scheme be broken literally within a few minutes.

Don't expect an "applications" programmer to come up with any reasonable secure system, they'll all fail.

[Cpp_Noob]

If you want to prevent people changing your dialog. Then an easy way out is to not use resources, but create your dialog through code.

u can still change the dialog by hooking.

there are PE Packers and PE Protectors
PE Packers offers compression but they can be unpacked easily with a generic packer or a debugger
PE Protectors rarely offers a good compresion but they offer more protection, and some of them are hard to un-pack (ex: ASPack, Themida)

but as OReubens said, theres in NO real protection for a deticated hacker , only layers of protection ( Pe Protector , Anti-Reverse Engineering Modules , Online Check are only some of them)

but how many people are gone use you application? maybe few layers of protection will do the trick , if your application will be used by less than a thousand people

[hypheni]

So the conclusion is PE compression is just for preventing noob hackers.

[Cpp_Noob]

So the conclusion is PE compression is just for preventing noob hackers.

yes, there is an unpacker for almost every public packer out there , that can unpack your app in a single mouse click