From owner-freebsd-hackers  Sun Aug 23 23:48:06 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA03056
          for freebsd-hackers-outgoing; Sun, 23 Aug 1998 23:48:06 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from apollo.ptway.com (apollo.ptway.com [199.176.148.3])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA03007
          for <hackers@FreeBSD.ORG>; Sun, 23 Aug 1998 23:47:57 -0700 (PDT)
          (envelope-from haskin@ptway.com)
Received: from brianjr (204R1.infinitecom.com [199.176.148.71] (may be forged))
	by apollo.ptway.com (8.8.7/8.8.7) with SMTP id BAA03411;
	Mon, 24 Aug 1998 01:50:30 -0400
Message-ID: <002801bdcf2b$06858940$0b00000a@brianjr.haskin.org>
From: "Brian Haskin" <haskin@ptway.com>
To: "Brian Beattie" <beattie@aracnet.com>
Cc: <hackers@FreeBSD.ORG>
Subject: Re: I want to break binary compatibility.
Date: Mon, 24 Aug 1998 02:46:42 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 4.72.3110.5
X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


-----Original Message-----
From: Brian Beattie <beattie@aracnet.com>
To: Mikael Karpberg <karpen@ocean.campus.luth.se>
Cc: B. Richardson <rabtter@aye.net>; hackers@FreeBSD.ORG
<hackers@FreeBSD.ORG>
Date: Sunday, August 23, 1998 9:16 PM
Subject: Re: I want to break binary compatibility.


>This approach will no no good, if the hackesr can down load a binary,
>because they see what has been done.  I thought scrambling the syscall
>table was good but it also falls to the dowloaded binaty, although it is a
>lot harder to decipher.  I was thinking you could encrypt all your
>binariaes and use a scheme like the compressed executables.  unfortubately
>this would fall prey to the know plaintext attack.
>

umm, any decent modern block cipher can withstand a plaintext attack.

That being said it really doesn't provide you with much more protection than
simply chmoding your executables to execute only, no read access. Because
you have to keep the key somewhere on the system and if they can get around
not having read access on the executable they can probably read where ever
it is you have the key stored. It would also add quite a bit of overhead
when opening a program.

Brian Haskin
haskin@ptway.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message