| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 19 Jul 2012 21:08:47 -0400 From: Glenn and Mary Everhart <everhart@....com> To: full-disclosure@...ts.grok.org.uk Subject: A modest proposal Hello, FD... A thought occurred to me: Why not use the same kind of polymorphism and software metamorphism that is used by malware writers as a protective measure? If you have a piece of code that you don't want malware to be able to inspect, that might perhaps have some "secrets" in it or that you want not to be trivial to have some other code patch, why not arrange for that code to be different in form (but the same in function) with every copy? (For places that insist on code that must be signed, you might need to have only perhaps scores or hundreds of variants, and then make it clear that the "signed code" requirements were making the systems that have them LESS secure than those without. <bwahahaha>. <grin>.) There are many ways to achieve this kind of result. Many would result in somewhat larger executables or the like, or possibly larger data, but some of the methods don't even need access to source code. (I would suspect many systems like this will be clearest to those of us who have worked in assembly languages and the like over the years, but that is a bit beside the point.) If every copy of a program is laid out differently, and data gets moved around also from copy to copy, the job of the attacker would seem to get much harder. Glenn Everhart _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists