Dharkfiber sends an article about the Hardened Anti-Reverse Engineering System (HARES), which is an encryption tool for software that doesn’t allow the code to be decrypted until the last possible moment before it’s executed. The purpose is to make applications as opaque as possible to malicious hackers trying to find vulnerabilities to exploit. It’s likely to find work as an anti-piracy tool as well.
To keep reverse engineering tools in the dark, HARES uses a hardware trick that’s possible with Intel and AMD chips called a Translation Lookaside Buffer (or TLB) Split. That TLB Split segregates the portion of a computer’s memory where a program stores its data from the portion where it stores its own code’s instructions. HARES keeps everything in that “instructions” portion of memory encrypted such that it can only be decrypted with a key that resides in the computer’s processor. (That means even sophisticated tricks like a “cold boot attack,” which literally freezes the data in a computer’s RAM, can’t pull the key out of memory.) When a common reverse engineering tool like IDA Pro reads the computer’s memory to find the program’s instructions, that TLB split redirects the reverse engineering tool to the section of memory that’s filled with encrypted, unreadable commands.
In 2013, a restoration project for Hut 6 of Bletchley Park uncovered a collection of papers being used as roof insulation. The papers were frozen to preserve them while they were inspected and repaired. Now they’re on display at an exhibition showing items found during the restoration process. “The documents also included the only known examples of Banbury sheets, a technique devised by [Turing] to accelerate the process of decrypting Nazi messages. No other examples have ever been found. All the findings are unique as all documentary evidence from the code breaking process was supposed to be destroyed under wartime security rules.”
As you may have heard, the NSA has had some success in cracking Secure Shell (SSH) connections. To respond to these risks, a guide written by Stribika tries to help you make your shell as robust as possible. The two main concepts are to make the crypto harder and make stealing keys impossible. So prepare a cup of coffee and read the tutorial carefully to see what could be improved in your configuration. Stribika gives also some extra security tips: don’t install what you don’t need (as any code line can introduce a bug), use the kind of open source code that has actually been reviewed, keep your software up to date, and use exploit mitigation technologies.