Re: Hiding method names in binary
Re: Hiding method names in binary
- Subject: Re: Hiding method names in binary
- From: Clark Cox <email@hidden>
- Date: Wed, 23 Nov 2005 15:21:26 -0500
On 11/23/05, Trygve Inda <email@hidden> wrote:
> I was reading at:
>
> http://www.unsanity.org/archives/000098.php
>
> "with the advent of Cocoa, it became impossible to hide the method names in
> the compiled application binary, making it easier on hackers to find the
> correct serial number checking function."
>
> Is this still true? What does everyone here do about it - come up with bogus
> method names?
Yes, it's true, as the Objective-C runtime needs to know the names of
methods and classes in order to function properly. Your only real
option for hiding the method names is to obfuscate them. For instance,
if you have a method that checks the validity of a serial number, call
it something completely unrelated. So, instead of:
-(BOOL)isSerialNumberValid:(NSString*)number
call it:
-(BOOL)shouldHaltThread:(id)number
--
Clark S. Cox III
email@hidden
http://clarkcox3.livejournal.com/
http://homepage.mac.com/clarkcox3/
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden