by grog454 34 days ago
> It has been over a decade since any ordinary off-the-shelf closed-source software was meaningfully obscured from serious adversaries.

Probably goes without saying but the last line of defense is not deploying your software publicly and instead relying on server-client architectures to do anything. Maybe this will be more common as vulnerabilities are more easily detected and exploited. Of course it's not always feasible.

It has been annoying seeing my (ProGuard obfuscated) game client binaries decompiled and published on GitHub many times over the last 11 years. Only the undeployed server code has remained private.

Interestingly I didn't have a problem with adversaries reverse engineering my network protocols until I was updating them less frequently than weekly. LLM-assisted adversaries could probably keep up with that now too.

>Only the undeployed server code has remained private.

How easy do you think it is for an LLM to build a decent emulator of the server in question by just observing what you send and what you get as a response?

Honestly, I can't really imagine how this would work at all?

I could see how, given enough data, you'd be able to infer the intended logic of the server and reimplement something that's compatible (I've done this myself with Wireshark + USB devices in the past).

But how could you reason about specific vulnerabilities in remote code just from a set of requests and responses?

not sure why downvoted. server emulators will become faster to make. protocol analysis will become faster as well.

Because while you could get something that drives a dumb interface, by moving the work and data to the server it's not available for the emulation software to use.

If the contract is well defined, the LLM can infer what its purpose is, implementation, possibly even your secret sauce. There is no software moat anymore.

yes this is what i was trying to say. it's quite common on older client-server games to do this sort of thing. powerful ai models will just make the work to recreate/emulate servers faster.

Except that emulating what is seen is surprisingly useful to find attack vectors. As a single deeper datapoint, one can look at more than just baseline behavior and delve into timing details to further refine implementation guesses.