anti-tamper software
Ed Carp
ecarp at netcom.com
Fri Oct 13 08:17:46 PDT 1995
Thanks to all who replied to my request, although it seems I didn't quite
make it clear what I was looking for.
I'm not particularly interested in a strong cryptographic solution, as this
isn't intended to detect intentional tampering - just unintentional, such
as a bad spot on a hard drive or corruption. Turns out that Simtel has
a couple of such packages in /SimTel/msdos/virus - CVIRPROT.ZIP is enough
protection, although STEALTH.ZIP looked intriguing...
I was, however, interested in what Fred Cohen said about there being a generic
attack against such methods when applied to software protection against viruses
(virii?). Is there such a generic attack, besides the obvious of jumping around
the detection code? How about encrypting the executable, adding loader and
decryption code, then decrypting the executable at runtime - would that defeat
such an attack, or all such defenses doomed to failure?
--
Ed Carp, N7EKG Ed.Carp at linux.org, ecarp at netcom.com
214/993-3935 voicemail/digital pager
Finger ecarp at netcom.com for PGP 2.5 public key an88744 at anon.penet.fi
"Past the wounds of childhood, past the fallen dreams and the broken families,
through the hurt and the loss and the agony only the night ever hears, is a
waiting soul. Patient, permanent, abundant, it opens its infinite heart and
asks only one thing of you ... 'Remember who it is you really are.'"
-- "Losing Your Mind", Karen Alexander and Rick Boyes
More information about the cypherpunks-legacy
mailing list