by Richard Russell, March 2007
BBC BASIC for Windows provides a convenient method of incorporating resource files within a 'compiled' executable, using the Embedded files feature of the Compile utility (or the “REM!Embed” compiler directive). Such resources might be program modules, DLLs, image files, music files etc. When the application is run these resources are automatically extracted from the executable and stored as conventional files, which can be accessed by the program at run-time.
It is possible to protect the resource data from prying eyes, whilst it is stored in the executable file, using the Encrypt contents option. Although the encryption used is not highly secure, it will defeat all but the most determined attempts to read the data. However when the resource files are extracted at run-time they are unencrypted and stored on the user's disk; this potentially makes them vulnerable to being read.
If you are particularly concerned to keep the contents of your resource files confidential there are a number of steps you can take:
INSTALL @lib$+"MYMODULE" IF INSTR(@lib$,@tmp$) OSCLI "DELETE """+@lib$+"MYMODULE"""
If none of these techniques provides adequate protection, consider incorporating the most sensitive code within your main program rather than in resource files. The main program is copied directly from the executable into memory and doesn't at any point exist as an unencrypted file on the local disk, however it is still vulnerable to a memory dump attack.
If you are concerned about memory dump attacks, contact me for a copy of secure.exe which is a utility that can effectively protect compiled BB4W executables from such attacks.