Question

Having used debugging tools like gdb, etc., I have little knowledge about how they get implemented. I am trying to implement an anti-debugging technique in my program, but having very little knowledge about debugging, I need some help. I have come across the following code from http://www.julioauto.com/rants/anti_ptrace.htm

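#include <stdlib.h>      /* getenv, exit */
#include <unistd.h>      /* fork, getppid, sleep */
#include <sys/types.h>   /* pid_t */
#include <sys/wait.h>    /* wait */
#include <sys/ptrace.h>  /* ptrace */

void anti_ptrace(void)
{
    pid_t child;

    /* Hang if a library is being preloaded into the process. */
    if(getenv("LD_PRELOAD"))
        while(1);

    child = fork();
    if (child)
        wait(NULL);     /* parent: block until the child has run its check */
    else 
    {
        pid_t parent = getppid();

        /* A process can have only one tracer, so the attach fails if a
           debugger is already attached to the parent; hang in that case. */
        if (ptrace(PTRACE_ATTACH, parent, 0, 0) < 0)
            while(1);

        sleep(1);       /* give the parent time to stop after the attach */
        ptrace(PTRACE_DETACH, parent, 0, 0);
        exit(0);
    }
}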

I want to have the expert opinion of you gurus about how successful the above code will be and what the pros and cons are.

Any help would be appreciated.

Solution

The only way you can actually protect your algorithms from debugging or decompiling is to restrict access to their binaries - by running them on a remote machine and accessing them via TCP/IP. Any local solution will eventually fail in the hands of a determined cracker.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow