#Tamper Protection 0.1.22363
##Part of the Intel(R) Integrated Native Developer Experience (Intel(R) INDE)
Release Notes
=============================================================================
Overview
--------
The Tamper Protection product can obfuscate and/or perform runtime code
verification of Microsoft Windows* binaries.
Tamper Protection consists of an SDK and tools for obfuscation,
code binding, and converting binary files to C header files.
Features
--------
Obfuscation or tamper protection of 32-bit and 64-bit binaries for
Microsoft Windows* versions 7, 8, and 8.1 compiled with
Visual C++* 2012, Visual C++* 2013, or Intel(R) C++ Compiler for Windows*.
Known Limitations
-----------------
- Codebind has only been validated with keys generated by OpenSSL*. Keys
generated by other tools might not work.
- Code binding verification may crash when verifying with signature
created for other binary.
- Some files may be left on the user system after uninstalling the tool.
User can delete the install folder after uninstall to remove remaining
files.
- Data referenced using RIP+offset addressing in 64 bit instruction set
will not be accessible from obfuscated code and the presence of such
data is not reported as an error while obfuscating. If obfuscated code
does use data referenced in this way behavior is undefined, and is
likely to cause errors at run-time.
- In rare cases internal error 0053.XXXX may occur. This results form a
poorly placed mutation, to workaround modify the mutation locations.
- Obfuscated binary runtime is significantly longer than the
unobfuscated code. This can be tuned by adjusting the mutation schedule.
- Recursion involving calls between two or more functions is not
currently supported. this can be worked around by modifying the original
code.
- SEH exception handling is not supported for 64 bit obfuscated code
- A software breakpoint may cause instructions following the breakpoint
to be in an ambiguous control flow state resulting in an "internal
error: 0051" error code.
- In rare cases internal error 2ADB.XXXX may occur. This can result from
some forms of input code that contain RIP relative memory addressing.
- Recursion involving a call to the entry point function from the entry
point function is not currently supported. The workaround is to add a
top level helper function to act as the entry point.
- Code binding verification is not supported for Windows binaries
containing managed code.
Using Tamper Protection
---------------------------
To start, go through the Obfuscation Tutorial found in
{InstallationFolder}\tutorial. After you are comfortable
with using the obfuscation tool continue with the Code Verification
Tutorial. For further details see the User Guide in
{InstallationFolder}\doc.
Legal Information
-----------------
This document contains information on products, services and/or processes
in development. All information provided here is subject to change without
notice. Contact your Intel representative to obtain the latest forecast,
schedule, specifications and roadmaps.
The products and services described may contain defects or errors which
may cause deviations from published specifications.
Intel, the Intel logo are trademarks of Intel Corporation
in the U.S. and/or other countries.
*Other names and brands may be claimed as the property of others.
Copyright (C) 2015 Intel Corporation. All rights reserved.