[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Weak stenography.




Phil Karn:
> if they find "readdat.exe" on
> your PC, disassemble it and discover that it's a program to extract and
> decrypt ciphertext from DAT tapes, you're in trouble. And if you encrypt
> your copy of "readdat.exe", well, you now need a plaintext decryption
> program to decrypt THAT.

Perhaps some hacks (ab)used by virus writers might be useful here.
We might hide "readdat.exe" inside a larger "innocuous.exe" and
scramble it with the "mutation engine", which creates a unique signature 
for each copy of readdat.exe's code (including the engine itself, which
bootstraps from a very short common code sequence).  The result 
is they have no signature to search for, even if they already have 
a copy of "readdat.exe" and the mutation engine.

Nick Szabo				[email protected]