(16 September 1997)
Courtesy of Fravia's page of reverse engineering
Well, an interesting answer... we await other opinions on this: is the PIQ idea, for a tough protection, a GOOD idea, or rather an impossible path?
+HCU's special Project X: How to protect better
[You should use Courier New 10 in order to view and print correctly this essay]
Ok... I have read the essay by Camel Eater about the Prefetch Instruction Queue, but
I have some doubts on its usage in protection schemes. Around three years ago I wrote
a little program for the PIQ size determination... This is the source:
; FILENAME: prefetch.asm
; AUTHOR: +Heres (1994)
; TASM /m2 prefetch
; TLINK /t prefetch
.MODEL TINY ; .COM file
CODICE PROC NEAR
conto: inc bx
more: cmp bx,33
write: int 21h
normal: mov ax,bx
testo1 db 'Your CPU seems to have $'
testo2 db 'less than $'
testo3 db 'more than $'
testo4 db ' bytes of PIQ.', 13, 10, '$'
This program works only on processors before the Pentium family, because the Intel
Pentium processor updates the PIQ if the corresponding memory is changed, and not
only if a JMP, CALL, RET, etc. instruction is executed... But if you have a processor
of the 486 family, you can check the size of its PIQ, using this little program. On
a Pentium processor the result is always "less than 12 bytes" because the PIQ is
So I cannot think that this protection trick is still useful today.
+Heres, September 14th 1997
(c) +Heres 1997. All rights reversed
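Added example (not part of +Heres's essay and not a reconstruction of his prefetch.asm): a small Python model of the measurement the essay describes, showing why a queue that follows memory writes always reports "less than 12". The toy opcodes, the queue model and the 12..32 probe range (loosely taken from the message strings and the `cmp bx,33` in the listing) are assumptions.

```python
# Toy model, not real x86: one-byte opcodes invented for this example.
NOP, STORE, OLD, NEW = 0x90, 0xAA, 0x01, 0x02

def run_probe(piq_size, distance, snoops):
    """Run STORE, NOP..., OLD where STORE overwrites OLD (distance bytes ahead)
    with NEW. Returns the opcode the CPU actually executes at that address."""
    mem = [STORE] + [NOP] * (distance - 1) + [OLD]
    # A jump has just flushed the queue; it refills from the jump target.
    queue = {a: mem[a] for a in range(min(piq_size, len(mem)))}
    next_fetch = len(queue)
    ip = 0
    while True:
        op = queue.pop(ip)               # execution reads the queue, never memory
        if op == STORE:
            target = ip + distance
            mem[target] = NEW            # self-modifying write
            if snoops and target in queue:
                queue[target] = NEW      # Pentium-style: queue follows memory
        elif op in (OLD, NEW):
            return op
        if next_fetch < len(mem):        # refill the slot that was just freed
            queue[next_fetch] = mem[next_fetch]
            next_fetch += 1
        ip += 1

def measure_piq(piq_size, snoops, floor=12, ceil=32):
    """Grow the distance until the modified byte is the one executed."""
    for d in range(floor - 1, ceil + 1):
        if run_probe(piq_size, d, snoops) == NEW:
            return ("less than", floor) if d == floor - 1 else ("exactly", d)
    return ("more than", ceil)

if __name__ == "__main__":
    # Constructed configurations, not measurements of real processors.
    for name, size, snoops in [("16-byte queue, no snooping", 16, False),
                               ("32-byte queue, no snooping", 32, False),
                               ("16-byte queue, snooping", 16, True)]:
        print(name, "->", *measure_piq(size, snoops))
```

With snooping enabled the result is "less than 12" for every configured queue size, so a check that depends on stale prefetched bytes has nothing to measure on such a CPU.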