Copy link to clipboard
Copied
I am writing a plugin for adobe Illustrator. I am questioned by the Information Security team regarding the safety of the plugin. In particular they would like to see if and how Adobe Illustrator and its plugin implements RAM dump protection and Hooking Detection. Questions
1) Does Adobe Illustrator has RAM dump protection and Hooking Detection in place
2) Does it apply to its plugin?
3) Does the plugin need to implement them? if yes, how?
Reference:
RAM dump Protection:
RAM can be dumped by using a hooking framework like Frida, but there are some libraries for windows and other programming languages to limit this such as “SecureZeroMemory” function for windows which zero the data.
Hooking Detection:
Any application can be programmed to verify on what platform(OS) it is running and is there any rogue hooking processes(applications- Frida) trying to get attached to the original application, if this is detected on the platform(OS) then the application has to be terminated.
Copy link to clipboard
Copied
Hey I have no idea about any of this but it sure sounds interesting. One thing I do know is that in Illustrator you do sometimes get an "Out of memory (RAM)" error alert that comes up as a result of some expensive rendering action a user might do, such as adding a 3D effect. This box comes up as part of Illustrator's native UI operations and looks ugly.
Copy link to clipboard
Copied
Adobe SDK's don't cover these topics providing any functionality around these nor do they discuss if these things are implemented in the native application itself or not. I would also discuss with the security team if such extreme implementations are indeed required by the plugin. These seem to be very advanced topics(i read about them right now). My approach to implementing this would be the following
-Manan