Famous at last, though not in the best way

Mike Kerner MikeKerner at roadrunner.com
Mon Mar 17 12:43:02 EDT 2014 

It doesn't require an experienced security expert.  Memory dumps are very
easy, and the tools are cheap.

MG is MobGUI, and John is, of course, John.

See thread from other list - we had static compilation of HC stacks and
projects back in the 80's and early 90's with Heizer Software's CompileIt!
and Double-XX! (the exclamation points were part of the name).  CompileIt!
was originally a tool for using HT to write XCMD's and XFCN's, but soon
after, Double-XX came out as a way to build fully-compiled standalones from
HC stacks.  It worked great.  I wrote the first HC-based
Anti-virus/anti-trojan this way.  It stopped the idiotic Dukakis trojan,
and several others with only a handful of lines of code.  Then I built
several database applications for my employer at the time, all
fully-compiled, double-clickable applications.  It was all just HC stacks
with a few restrictions placed on them by Heizer Software, the creators of
CompileIt! and Double-XX!


On Mon, Mar 17, 2014 at 12:24 PM, Richard Gaskin <ambassador at fourthworld.com
> wrote:

> Mike Kerner wrote:
>
> > Decompiling does not result in original source code.  As it is, the
> > kiddies can just copy/paste.  The dump that Kaspersky included, even
> > had a line that was commented out.
>
> So it seems they can only "copy and paste" if an experienced security
> expert has first provided a RAM dump.
>
> While always an issue with every dynamically-compiled language, how easy
> is it to fully dump RAM?  Has anyone here successfully done it?
>
> Still, I agree it merits consideration.
>
> Given the nature of the language static compilation may not be possible.
>  What other means may be useful?
>
>
>
> > Think about it - if you have the Pro version, yeah, your source is
> > encrypted, until it's decrypted when the app is loaded.  Then it's
> > just sitting there for someone to take.  I avoided doing this with
> > MG when John went AWOL, but there is nothing that would have stopped
> > someone with no scruples from doing it themselves.
>
> I think I may have missed some posts:  what is "MG" and who is "John"?
>
>
> --
>  Richard Gaskin
>  Fourth World
>  LiveCode training and consulting: http://www.fourthworld.com
>  Webzine for LiveCode developers: http://www.LiveCodeJournal.com
>  Follow me on Twitter:  http://twitter.com/FourthWorldSys
>
>
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>



-- 
On the first day, God created the heavens and the Earth
On the second day, God created the oceans.
On the third day, God put the animals on hold for a few hours,
   and did a little diving.
And God said, "This is good."

More information about the use-livecode mailing list