You can already compile malware to obfuscated asm.js. If anything, WASM blobs are easier to reverse engineer than obfuscated JS - good luck writing a ghidra plugin for JS source.
What about obfuscated WASM blobs? At least obfuscated JS is still basically source code being interpreted, with WASM we will be running proprietary obfuscated binaries in the browser.
Obfuscated javascript could still import a WebAssembly polyfill, if there really was any advantage in doing so: https://github.com/evanw/polywasm
Since WebAssembly instructions are much easier to reason about, you could probably auto-optimize away a lot of the obfuscation, like "this is a silly way to do X, so we can just do X directly".
Why is that? With obfuscated JS you can instantly create ASTs, easily patch and preview the results. We have codemodding tools for mass patching and analysis. With WASM, you can theoretically have a future anti-tamper corporation with a solution to actively obfuscate binaries and antagonize reverse engineers, like we have today with desktop binaries.
Many of the anti-debugging techniques for desktop binaries do not work on WebAssembly: it can't jump to an address, it can't read the instruction pointer, it can't read/access it's own machine code, ...
ASTs are pretty useless once it's been through a control-flow flattening obfuscation pass. At the end of the day it's just one representation vs another, but there are a lot more existing tools for dealing with binary reverse engineering.
The Rijksmuseum is incredible, but also huge; the kind of museum you pick a small fraction of to see in any given trip. There are also several smaller museums that you can see in a day.
The Mauritshaus is a small museum in a converted manor, containing an incredible number of famous paintings, notably by Vermeer and Rembrandt.
Folks here might also appreciate the M. C. Escher museum.
Yes. Don't know if I'll make it again on my upcoming trip--missed the Van Gogh last time because it was sold out but have tickets this time. It always amazes me how quickly schedules fill up. Doesn't help that I'm also working.
It misled me too - though I'm interested in the article anyway. I've emailed the mod team so hopefully the submission here will get a less context-dependent title soon.
Hyper-individualized software is what LLMs are best for IMHO. They lower the bar so much that it's becoming perfectly feasible and reasonable to amase a large amount of software which is fit to your exact personal needs and preferences.
Yeah, I have a dozen random tools that do specific things I need that wouldn't be useful to anyone else, and that I wouldn't share in their current state anyway. But they're fine for me, and without LLMs, I wouldn't have spent the time to build them.
Exactly:
The app can do only one thing, and does this one thing very well. Other approaches are not implemented or planned. Its like a specific dentist-tool that you need for one specific task.
Yes, its for proprietary use among friends; its not for sale, instead I get a cut of their returns for providing support & maintenance.
It is not 100% vibe code, by far not! I use cloud for method-by-method or simple class instructions and integrate in the app manually, I do not use any of the API integrations, I just use the standrad WebUI for discussing, planing & implementation.
reply