Black Hat 2018 – Major Innovations in the Works!

August 24, 2018 John O'Connor

The Cloakware® team is back from Black Hat 2018, our favorite show of the year.

This was an exciting milestone for us:  It was our second Black Hat with the re-launched Cloakware Software Protection product, technology that was previously reserved for a chosen few partners and customers.   The response from the floor at Black Hat showed that our technology is really beginning to resonate with the market and satisfies an increasingly strong need for protection of application software.

This year at Black Hat, we expanded our popular demo/talk format in the booth with new talks from our engineers:

  • Updated Transformation Demo

A cornerstone of Cloakware Software Protection is the sophisticated transformation engine that transcodes software and data, entangling them together so that reverse engineering the final result is nearly impossible. This popular talk delved into several of the key techniques the transcoder employs, giving some unique insights into the effectiveness of this approach for robust software protection.

  • Transforming JavaScript – Securing your web applications

This demo showed how the transformation techniques from above can frustrate a hacker even in an interpreted language like JavaScript, which is normally easily accessible to a hacker with standard web browsers and built-in debugging tools.

  • Whitebox cryptography – The right tool for the job

This demo was very effective in showing developers how off-the-shelf cryptography can be easily hacked to retrieve the key through DCA and that whitebox cryptography is more resistant to these advanced forms of attack with acceptable performance to boot!

  • Forensic marking for software – Do you know where your code is?

An important new feature in Cloakware 8.0 is the innovative forensic marking capability that is now part of our architectural approach to software protection. The demo for this showed how the resilient, robust mark can be used with our Online Piracy Detection service to trace the source of leaks and track the deployment of proprietary libraries and theft of your IP.

Of course, we also spent quality time with numerous media and analysts to help build awareness of Cloakware in the market. We recorded a video interview with Security Weekly and two podcasts (Help Net Security and The Last Watchdog). You can listen to the Help Net Security podcast here (we’ll post the other links when they are live!)

We were pleased to see our news from the show picked up by several industry media and analysts at Black Hat. Notably, esecurityplanet.com, in their article “10 Vendors Making News at Black Hat USA 2018” summed up Irdeto’s news as:

Irdeto

Irdeto unveiled the 8.0 version of its Cloakware Software Protection, providing organizations with new capabilities to help secure Internet of Things (IoT) connected devices. Among the new features is a tamper-proof forensic mark for software.

Cloakware Software Protection is a suite of advanced cybersecurity technologies that enables organizations to customize the protection of their software-defined business. In addition, Irdeto has announced its new Cloakware Development Center to better connect with developers.

“At the end of the day, Cloakware Software Protection is providing IoT-connected industries with the peace of mind to securely innovate and deploy their services or devices in ever-increasing hostile environments,” stated Jaco Du Plooy, Vice President of IoT Security at Irdeto.

Our full press release is here, but let’s unpack that a bit to give you the back-story and a bit of an insider’s view. We led with the enhanced architecture that was put in place as the foundation of Cloakware Software Protection’s 8.0 release. Enhanced architecture is a bit of an umbrella term for a wide-ranging group of architectural improvements to our suite of software protection, some of which are alluded to in the body of the release:

  • Platform support

An important aspect of the multi-layered, security-in-depth approach we favor for software protection is the platform-specific protections we provide with Cloakware. As platforms evolve, so do our binary protection libraries… we are constantly updating our methods for establishing a root of trust on a platform, fingerprinting, resilient Integrity Verification (IV), robust anti-debug, etc. In Cloakware 8.0, we fully support the latest versions of iOS, Android, Linux, Mac OSX, Windows and others on multiple Instruction Architectures (IA).

  • Additional languages

In the internet-driven, software-defined world we live in, application development languages are evolving constantly. Much of the uniqueness and strength of Irdeto’s software protection lies in applying the technology to source code and data seamlessly during development, without impacting the programmer. With this approach we can entangle code and data transformations in such a way that tampering with either will cause the program to fail to execute properly.

In Cloakware 8.0, we have a major change in the way we support multiple languages as well as their various dialects (flavors) and the architectural changes ensure that we can move quickly to support emerging programming languages, keeping pace with the industry. With 8.0, we support C, C++, Swift, Web Assembly and JavaScript.

  • Usability enhancements

We’ve noted before the crisis in the industry regarding the chronic shortage of skilled cybersecurity professionals. The industry needs to find a way that software developers can apply good software protection to their applications in a semi-automated fashion without the constant need for a dedicated cybersecurity professional to intervene.

Cloakware 8.0 continues our trend to improve ease of use… it includes enhancements to documentation, demos, tooling and scripts such that the developer can seamlessly transition between debug and production (protected) code easily and make incremental changes to the tuning (size and performance) of the protected software on a module by module basis if necessary.

These architectural changes at the build level of Cloakware 8.0 support the semi-automatic application of protection, transparent to the developer, and scale to enable the fully-automatic, AI-driven software protection we envision in the future.

  • Innovative features, including a new forensic marking capability

We’ve talked about the new forensic marking of software above, it was a key demo at Black Hat this year. The underlying architecture of our software protection has enabled us to mark the code with an indelible, highly robust and resilient mark that can be reliably detected with a very small sample of the binary or source. Now your IP can be protected with a proactive strategy of enforcement as well!

With Cloakware 8.0, we are well positioned for the push toward fully automated software protection, a truly great user experience, and expanded services, including Online Piracy Detection (OPD) for Software and threat tracking/indexing.

The press release also mentions the introduction of the Cloakware Report, Edition 2 at Black Hat. This series is an important initiative of ours to try and explain the industry needs, best practices, business drivers and other considerations that should help a company decide to adopt a best-in-class software protection strategy. We really do believe that old cliché: “An educated customer is our best customer!”

All-in-all a very fun and successful Black Hat 2018! We plan to return again next year with an expanded presence and catch up with our expanding group of friends.

If you recognize the need for Software Protection in your applications and ecosystems and buy in to the idea of protecting your software to protect your business, please check out Irdeto’s Cloakware® Software Protection and Contact Us to discuss your unique needs and applications.

No Previous Articles

Next Article
New Cloakware Report out now! Cloakware Report, Edition 2: “Protect Your Software. Protect Your Business.”
New Cloakware Report out now! Cloakware Report, Edition 2: “Protect Your Software. Protect Your Business.”

Most thinking around cybersecurity is dominated by the fear factor; what will happen to our company is our ...