Quick notes from me since JMI may disable my account for lack of posts
1. Presented method is old as hell (look at viruses).
2. Unfortunately it has nothing common with vm. It does not even smell like vm
3. "Erase RET instruciton", "use JMP to divide code" - uhm... it
was good trick but my callendar shows 2006.
4. I am a bit surprsied seeing real
professional coder, like LiuTaoTao, suggesting that stack execution, even ecnrypted, may stop serious cracker. Bad news:
stack analysis will help a lot during reversing. Again: we have 2006 so let's forget it. In 2007 don't even mention it.
Anyway, good news is that LiuTaoTao is back. I was wondering many times about such a talent, being conviced he was lost in some cheap company. It's very good to see him back, even in other field than his specialization.