I have an iPad from 2012 with retina display, still a good device, but on the slower side. The battery backup is still mighty good (can last around 6-8 hours easily with constant use). It is running iOS 9.5 (probably?). It is a potential security risk too, so I don't use it for browsing random internet stuff. Instead I mostly use it for consuming media content - like podcasts, YouTube videos etc, which I pre-download on my homeserver setup.
I put my old laptop and hard disks to use as a homeserver, I have scripts running which download podcasts and YouTube channels I view often, and at night I can just use my iPad to consume this. Another plus with this setup is, I don't need to see those annoying YT ads, and I always have the videos backed-up with me even if the channel is taken down or the author removes videos.
I also use my iPad as a Roku remote over WiFi. Overall I am able to extract utility rather than just throwing it away.
With software-as-a-service becoming widespread and the practice of micro-transactions starting to become common, soon people might start questioning whether the digital payment revolution was worth it. It made life easy in the beginning, but now it's turning out to create more headaches. The old way of paying hard cash and walking off was much better.
Some, I see, are surprised to see the level of obfuscation used in the application. Many pointed out that many ingredients of the obfuscation used in the app are off-the-shelf and few of them can be said to be well known in the industry, but there is still a cost in integrating them into a product. Obfuscation is notorious for breaking things which should work normally (normal compilation process) and, as an own goal, making it hard to debug as well. Integrating, testing, debugging and the difficulty of debugging production crash logs is a considerable cost.
That said, obfuscation is increasingly being used in mobile applications now. Check your banking application or some government applications, and you will find obfuscation being used. With mobile applications getting richer and a lot of code executing on the client side, there is a compelling case to secure applications by using obfuscation (as a defense-in-depth approach).
Open standards like OWASP MSTG [1] MSTG-RESILIENCE-9 recommend such an approach.
Obfuscation is applied to programmatic defenses, which in turn impede de-obfuscation via dynamic analysis.
I think that it is due to the copycats that keep stealing apps and repacking them.
Most Android developers lack native coding experience, so after failed attempts to protect their applications with the DEX bytecode obfuscator, they think that recoding parts of the application with the NDK will save them.
However as this article shows, and most here know, they shortly learn that against good attackers, the only benefit from using native code directly is it takes a little longer to decipher what the application does.
So then one turns to solutions like what you are describing.
> they think that recoding parts of the application with the NDK will save them.
Yeah like that one app I reversed a while ago that generated the API key in a native library. I was able to get the key by building my own app around their library and calling the function that returns the key. Didn't even have to disassemble the thing.
The author of the blog post is my friend, I will ask him to fix it. The funny thing is, he doesn't even know about HN at all and he has no idea that his post is trending. :P
I second this. It is very well written and among the top fantasy books I have read. The only frustrating part is that the release of the third book is nowhere near on the horizon.
In my personal experience, getting started with a cybersecurity career is tricky. Many companies want cybersecurity professionals, but most of them are not willing to train one. It creates the dreaded situation - companies don't hire you because you don't have experience, but you need a job to get experience.
A good way to get started is to take up any opportunity you get (and of course, of your interest), so you get a foot in the door. Other comments have talked about internships and certifications, I would like to highlight the OSCP certification. It is a hands-on certification, and it will give you a good feel for the whole pentesting process. It is a fairly respected certification in the industry and getting one will surely help you in getting a good starting job.
Also, keep honing your skills on various aspects of security. On the job, you might not be dealing with all security topics all the time, but they show up and it helps to know about them. For example, you might be evaluating a C codebase with some applied cryptography. You may have all your focus on improper memory handling, but knowledge about applied cryptography can be helpful to contribute better.
It is a C++ implementation of SiMBA [1] - a tool to handle linear MBAs, made available by Denuvo itself. Denuvo have another tool - Gamba for handling some variety of non-linear MBAs. And then further improvisation by another researcher - MSiMBA [3].
Since SiMBA++ is written in C++, it is fast and it integrates well into the LLVM passes to automatically identify the MBAs and replace them in the LLVM IR with simplified expressions. So no additional work is required.
Shameless plug - my colleague (author of SiMBA++) and I recently gave a talk about using LLVM for deobfuscation of WASM, where we talk about MBAs, SiMBA++ etc. The idea is not limited to WASM, it is language agnostic once you have a binary lifted to LLVM IR. https://www.youtube.com/watch?v=gKRdOcuXbYI
[1] SiMBA - https://github.com/DenuvoSoftwareSolutions/SiMBA
[2] Gamba - https://github.com/DenuvoSoftwareSolutions/GAMBA
[3] MSiMBA - https://github.com/mazeworks-security/MSiMBA