[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Export ELS protected...Diamondlock



PureBytes Links

Trading Reference Links

> Someone just sent me an email referring to a product called
> Diamondlock at http://www.investlabs.com/. 
> 
> Does anyone have any comments on/experience with this software? 

I have a copy of DiamondLock, though I haven't used it in several 
years.  My recollections are:

DiamondLock provides a very low-level "virtual machine" that 
executes a language that's roughly comparable to assembly 
language, only it's harder to read and write.  It's more like 
looking at actual machine code.  Each DL operand is represented 
as a letter in an Easy Language string.  Each DL owner has a 
"key" that determines his mapping of "letter" to "DL operand," so 
essentially each owner's DL code is encrypted by his own private 
cipher.

The idea is that you take some key portions of your EL code and 
encode them into DL operands.  Since your DL operands are 
encrypted by your private code, nobody is supposed to be able to 
determine what it does (reverse-engineer it) even if they look at 
the source.  Since they can't find out what your code does, and 
since the DL virtual machine won't execute the DL code unless the 
user has the appropriate DL key, nobody can run your code unless 
you unlock it for them.

In theory, this is pretty bullet-proof.  It would be very 
difficult for a hacker to decipher the DL gibberish to determine 
what's in there, especially with a small sample of code.  He 
can't just patch around the DL code, because you've encrypted 
critical logic in the DL operands.  Supposedly he can't even 
intercept the DL-decrypted logic, because DL decrypts it on-the-
fly in memory and immediately discards it.

In reality, could a determined hacker crack it?  Maybe.  I 
suspect it would be difficult enough that he'd decide there were 
much easier victims to attack, and leave your stuff alone.  
Personally I'd guess it would be easier to crack most DLL code, 
since the assembly language is easy to reverse-assemble and it's 
not that hard to reverse-engineer the logic.

Main problem with DL:  It's a huge PITA to encode your EL logic 
into DL.  The DL operands are very low-level, on the order of 
"push var onto stack," "Add top two cells on the stack," "branch 
if top of stack is zero," things like that.  You can't call out 
to EL or any other language.  There is no "assembler" for DL, so 
it's up to you to look up "push" in your unique code table and 
determine that for your DL key it's "q".  Then concatenate a 
whole bunch of these operands into an EL string.  The result 
might look something like:

  Result = DLExecute("xiD3sYFzhhDldfLDjflsETlKJqjl", Var1, Var2);

The gibberish is your DL code (which might be executing something 
as simple as "if Var1 > Var2 then return Var1+Var2, else return 
0" or something like that), and Var1/Var2 are inputs to the DL 
code.

The encoding process is very painstaking, very slow, and VERY 
error-prone.

However, if you're really paranoid about protecting your code, DL 
may be just what you're looking for.  As I said, I suspect it 
would be harder to crack a decent DL program that to crack most 
DLL's.  Maybe a DLL wizard could make a harder-to-crack DLL, but 
DL is probably easier for most humans.

Gary