Program Hides Secret Messages in Executables
Kevin Poulsen, SecurityFocus 2003-02-24

Program Hides Secret Messages in Executables 2003-02-24
Anonymous (1 replies)
While many may see this as a good thing being, having security concerns I wonder about malicious code or spyware. Could big Brother use this to invade our privacy?...

Program Hides Secret Messages in Executables 2003-02-25
anonymous (1 replies)
> Could big Brother use this to invade our privacy?

yes. in this case big brother would use this technique to hide a hash of your identity in the program, so it can find pirated copies.

something like the audio watermarking we've been hearing about a few months ago.

fortunately now that we know ...

In-place Tripwire 2003-03-06
Jens N.
Hi everybody,

I think that this technique is good to be used for tripwire-like purposes - imagine to patch gcc, so that it builds your system with a unique digital signature - the need for an additional tripwire-db would disappear.

(You also could "patch" every existing file but including the fun...

Virus programs should freak... 2003-02-24
Snowdog
As I understand it, virus programs will use MD5 hashes as well as other types of program fingerprinting to verify programs. This method would undoubtedly set off alarms on these programs despite not changing the file size. The binary "signature" would still look different.

It seems like a cool...

Program Hides Secret Messages in Executables 2003-02-28
Anonymous (1 replies)
It is not that new. The evaluation version of the A86 assembler for M$-DOS used the redundancy in the x86 instruction set to watermark generated object files. Or at least, that is what the manual told. I thought it was a neat idea, that has applications to licence management etc....

Program Hides Secret Messages in Executables 2003-02-28
Anonymous
Indeed A86 did actually do this, as the MOV instructions had not only a source and a destination, but also a direction (which was a bit of overkill on Intel's part). I subsequently used the technique to obfuscate my code so .EXE unpackers didn't recognise what the program had been compressed with.

...

Re: Program Hides Secret Messages in Executables 2003-03-02
Paul Hsieh
The following two instructions:

Add REG, CONST

Sub REG, -CONST

are *NOT* equivalent! They set the carry flag in opposite directions. I think this guy is just getting lucky in that most programs don't check the carry flag. However, source that looks like this:

A -= 3;

if (A > 0)...

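Added example, not part of the original post or of Hydan: a small C model of the 32-bit x86 ADD and SUB flag rules, checking the point raised in the comment above that `add reg, const` and `sub reg, -const` give the same result but not the same flags. The helper names and sample operands are constructed for illustration; AF and PF are not modelled.

```c
#include <stdint.h>
#include <stdio.h>

/* Result plus the CF, ZF, SF and OF values an x86 ADD/SUB would write. */
typedef struct { uint32_t result; int cf, zf, sf, of; } alu_out;

/* 32-bit "add reg, imm": CF is the unsigned carry out of bit 31. */
static alu_out x86_add(uint32_t reg, uint32_t imm) {
    alu_out o;
    o.result = reg + imm;
    o.cf = o.result < reg;
    o.zf = o.result == 0;
    o.sf = (int)(o.result >> 31);
    /* signed overflow: operands share a sign, result has the other one */
    o.of = (int)((~(reg ^ imm) & (reg ^ o.result)) >> 31);
    return o;
}

/* 32-bit "sub reg, imm": CF is the unsigned borrow. */
static alu_out x86_sub(uint32_t reg, uint32_t imm) {
    alu_out o;
    o.result = reg - imm;
    o.cf = reg < imm;
    o.zf = o.result == 0;
    o.sf = (int)(o.result >> 31);
    /* signed overflow: operands differ in sign, result sign differs from reg */
    o.of = (int)(((reg ^ imm) & (reg ^ o.result)) >> 31);
    return o;
}

/* Compare "add reg, c" with "sub reg, -c".
 * Returns -1 if the results differ, else a bitmask of flags that
 * differ: 1 = CF, 2 = ZF, 4 = SF, 8 = OF. */
static int flag_diff(uint32_t reg, uint32_t c) {
    alu_out a = x86_add(reg, c);
    alu_out s = x86_sub(reg, 0u - c);   /* two's-complement negation */
    if (a.result != s.result) return -1;
    return (a.cf != s.cf) | ((a.zf != s.zf) << 1) |
           ((a.sf != s.sf) << 2) | ((a.of != s.of) << 3);
}

int main(void) {
    /* Constructed sample operands, including the c = 0 and c = 2^31 edges. */
    uint32_t regs[]   = { 0u, 5u, 0x7fffffffu, 0xfffffffeu };
    uint32_t consts[] = { 0u, 3u, 0xfffffffdu, 0x80000000u };
    for (int i = 0; i < 4; i++)
        for (int j = 0; j < 4; j++)
            printf("reg=%08x c=%08x diff=%d\n", (unsigned)regs[i],
                   (unsigned)consts[j], flag_diff(regs[i], consts[j]));
    return 0;
}
```

In this model CF is inverted for every nonzero constant, and OF also differs when the constant is 0x80000000, so a substitution of this kind is only safe where no later instruction reads those flags.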
Program Hides Secret Messages in Executables 2003-03-02
Anonymous (1 replies)
This is a quote from the story on a new steganographic tool called Hydan:

"Future version of Hydan will boost that capacity by finding different places to code data, such as in the order of a program's functions, and the order in which arguments are passed to those functions."

I want somebody...

Program Hides Secret Messages in Executables 2003-03-06
Anonymous
obviously the rest of the code would have to be changed so that the function would know how to pop the correct args off of the stack in the correct order....

Copyright 2009, SecurityFocus