cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
1
Upvote

RAM dump protection when writing Adobe Illustrator plugin

Aries Lam
New Here ,
May 10, 2020 May 10, 2020

Copy link to clipboard

Copied

I am writing a plugin for adobe Illustrator. I am questioned by the Information Security team regarding the safety of the plugin. In particular they would like to see if and how Adobe Illustrator and its plugin implements RAM dump protection and Hooking Detection. Questions

1) Does Adobe Illustrator has RAM dump protection and Hooking Detection in place

2) Does it apply to its plugin?

3) Does the plugin need to implement them? if yes, how?

 

Reference:

RAM dump Protection:

RAM can be dumped by using a hooking framework like Frida, but there are some libraries for windows and other programming languages to limit this such as “SecureZeroMemory” function for windows which zero the data.

 

Hooking Detection:

Any application can be programmed to verify on what platform(OS) it is running and is there any rogue hooking processes(applications- Frida) trying to get attached to the original application, if this is detected on the platform(OS) then the application has to be terminated.

TOPICS
SDK , Third party plugins

Views

684

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe

Explore related tutorials & articles

replies 2 Replies 2
latest latest Jump to latest reply
Silly-V
Valorous Hero ,
May 10, 2020 May 10, 2020

Copy link to clipboard

Copied

Hey I have no idea about any of this but it sure sounds interesting. One thing I do know is that in Illustrator you do sometimes get an "Out of memory (RAM)" error alert that comes up as a result of some expensive rendering action a user might do, such as adding a 3D effect. This box comes up as part of Illustrator's native UI operations and looks ugly.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Manan Joshi Community Expert
Community Expert ,
May 10, 2020 May 10, 2020

Copy link to clipboard

Copied

LATEST

Adobe SDK's don't cover these topics providing any functionality around these nor do they discuss if these things are implemented in the native application itself or not. I would also discuss with the security team if such extreme implementations are indeed required by the plugin. These seem to be very advanced topics(i read about them right now). My approach to implementing this would be the following

  • Verify if these hacks can be expolited if no special handling is done. If yes then proceed on to the next step
  • Consider the feasibility of implementing solution for each hack, like for ex Ram dump protection, identify the data that needs to be protected, like some passwords keys etc. I read that strings can't be effectively protected but char * so make the necessary changes. Making the change blindly everywhere would be an overkill in terms of code refactoring and may be performance.

-Manan

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Learning Resources for Illustrator
Getting started with Illustrator
Learn from video tutorials
What is new in Illustrator
Crash on launch and known issues
Illustrator is crashing on launch
Fixed issues
Known issues
Fonts and Typography in Illustrator
Getting started with fonts in Illustrator
FAQ and Troubleshooting tips
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices