If the time it took to reverse enough of Spotify to find this trick was worth more than the N months of what Spotify was trying to protect (prior to the disclosure of the problem), then the trick was a net win for Spotify. That's the basis of DRM.
Want to make this a modern scheme?
* Make it much, much harder to reverse enough of Spotify to find tricks like this. Encrypt code with a "white-box" variant of an intentionally obfuscated algorithm. Compile numerous dead-code dead-end encrypted code paths into the binary.
* Make the scheme renewable, so that instead of simply making a binary decision about whether the program can run or not run, it derives a secret that all valid instances of the program need to operate. Now when someone breaks the scheme (as inevitably they will), release an update with different compiler tricks and a different secret.
* Stockpile a lot of these variants (it is easier for you to do this than for attackers to reverse those tricks, which returns the advantage to you). Make update transparent. Trickle out updates until attackers get bored and go away.
This is essentially the BD+ DRM scheme, which has kept Slysoft mostly on their heels (multi-week delays on new titles were typical, last I checked). And BD+ had a much harder problem to solve, since they had to coordinate the scheme amongst lots of consumer electronics vendors. You can do better.
In general, nothing about (say) Bochs obsoletes software protection. Advanced protected code (say) encrypts sensitive blocks, and uses (say) runtime artifacts to decrypt them before executing.
There are software protection schemes that nobody has published breaks for, presumably because they are too much of a pain in the ass to break.
If brl is watching, he'll name one that I decided was much too much of a pain in the ass to win a message board bet over. Most of my experience here is NDA'd though.
A nonstatement. Just because something is obscure doesn't mean that it hasn't also been secured. More importantly, in this setting, obscurity increases cost. DRM is all about cost.
The real question is, do all emulators differ in some consistent way from all "real" machines, and more so than "real" machines differ among themselves? The answer is almost certainly "no", and if it were "yes", the fix ought to be trivial, because there is no fundamental magic which emulators introduce and one might easily detect unspoofably.
This is all very old stuff. VMWare is very easy to detect, as it (a) was based on software virtualization, which has a heavy footprint, and (b) made no attempt to be hard to detect.
But the available evidence is that even if you're hardware-virtualizing, there are reliable, millisecond-fast techniques you can use to profile the microarchitecture to detect (say) jumps to hypervisor code in instruction sequences that should run natively. Nate Lawson, Peter Ferrie and I presented some of these at Black Hat a couple years ago.
The gap (in functionality and in performance) between an emulator and a cycle-accurate simulator of an actual chipset is large.
> The gap (in functionality and in performance) between an emulator and a cycle-accurate simulator of an actual chipset is large
On the other hand, there is a large degree of fuzziness in the behavior (between individual machines) of the features within this gap. For example, profiling and high-resolution timing instructions are not equally available on all x86 CPUs. As for the chipset, most of the interesting features are very poorly (if at all) standardized. I hypothesize that a thorough emulator detector written today will have many false alarms on actual bare hardware.
Let's also not forget that not a single emulator has yet been written with the explicit goal of being undetectable by hostile code. High-resolution timers could always be fudged, a tick table consulted for spoofing the requisite intervals, etc. if we know what to expect from the raw hardware.
And if one day emulator-writers fall far behind anti-debugger trick specialists, the hardware ICE could make a come-back.
Hypothetically, software could be fed false outputs from timer-register reads in much the same way as it is fed false outputs from privileged instruction calls in VMWare. I am not aware of any publicly available emulator which does this, however.
Alternatively, one could use automated means to find sections of a binary which behave in a logically distinct manner (branch differently in at least one place) when emulated instruction timings are twiddled. Then turn the disassembled section red in your debugger and attack it manually.
Want to make this a modern scheme?
* Make it much, much harder to reverse enough of Spotify to find tricks like this. Encrypt code with a "white-box" variant of an intentionally obfuscated algorithm. Compile numerous dead-code dead-end encrypted code paths into the binary.
* Make the scheme renewable, so that instead of simply making a binary decision about whether the program can run or not run, it derives a secret that all valid instances of the program need to operate. Now when someone breaks the scheme (as inevitably they will), release an update with different compiler tricks and a different secret.
* Stockpile a lot of these variants (it is easier for you to do this than for attackers to reverse those tricks, which returns the advantage to you). Make update transparent. Trickle out updates until attackers get bored and go away.
This is essentially the BD+ DRM scheme, which has kept Slysoft mostly on their heels (multi-week delays on new titles were typical, last I checked). And BD+ had a much harder problem to solve, since they had to coordinate the scheme amongst lots of consumer electronics vendors. You can do better.