I have to say, reading through the github for the movfuscator was pretty damn amusing. I honestly burst out laughing at the control flow graphs. But I'm curious, is this actually practical for anything?
Running Doom at 1 Frame per 7 hours is, pretty unreasonable. Would text based software even be usable with this?
Either way, I do enjoy cleverly, overly engineered, possibly useless things created just because someone thought it would be funny.
> Would text based software even be usable with this?
I just wrote a quick C program to find the primes less than 100000 and compiled it with gcc and movcc. I wouldn't say it's, you know, fast, but I'm impressed at how it does finish in an amount of time that I was willing to wait.
$ time ./primes.gcc | wc -l
9592
real 0m0.035s
user 0m0.031s
sys 0m0.012s
$ time ./primes.movcc | wc -l
9592
real 0m10.511s
user 0m8.289s
sys 0m2.228s
It looks like the reason that it spent so much time in syscalls is that it somehow uses signals for control flow. (I'm not quite sure how that works.)
Or for license check / DRM (I appreciate some might consider one or both of these to be a type of malware).
As someone else noted, a large block of mov instructions would be quite easy to spot so you'd have to tie it into a bit of core application / algorithm logic. But that doesn't mean the whole program needs to be written that way.
That's yoo generous of a definition. I would prefer if the software I used didn't crash, or have any bugs, but mistakes get made sometimes. By your definition, that's malware. I would say malware is software who's primary focus is to do things the user wouldn't like. A game checking DRM licenses isn't malware as it's not the primary purpose, just an annoying aspect.
You’re right, my definition was too broad; intention should matter. But DRM would still count; it intentionally does something which the user or device owner would rather it did not do.
So every software with a license check is malware? That doesn't necessarily mean it verifies with an external server, it might just locally check a code and use some bits contained therein to print "Registered to XXXX" on the about screen.
What about a one-time screen kindly asking for a donation?
Previous submissions with significant discussion:
- https://news.ycombinator.com/item?id=18991404
- https://news.ycombinator.com/item?id=16218872
- https://news.ycombinator.com/item?id=12372242
- https://news.ycombinator.com/item?id=10021259
- https://news.ycombinator.com/item?id=9751312