Comment by sedatk

12 hours ago

> BinDiff: you can't patch software without disclosing vulnerabilities

That’s why Microsoft has been obfuscating its binary builds for at least the last two decades so that even two builds from the same source would produce very different blobs.

Sounds dubious, do you have a citation? The disassembly looks very straightforward for a lot of Windows code.

  • They're not encoded, but the code blocks are shuffled. That's why disassembly does look straightforward, but it used to thwart BinDiff at the time.

    • If I understand correctly, that is just randomness that comes from parallel compiling and linking.

      If you are saying there is a whole step just scrambling blobs, I will be very surprised.