funsec mailing list archives
Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers
From: "r.b." <r.b.hicks () gmail com>
Date: Tue, 26 Jan 2010 20:44:35 +0100
On Tue, Jan 26, 2010 at 20:18, Rob, grandpa of Ryan, Trevor, Devon & Hannah <rMslade () shaw ca> wrote:
Date sent: Tue, 26 Jan 2010 18:24:16 +0100 From: "r.b." <r.b.hicks () gmail com>This makes great copy but it doesn't sound like they've heard about, or bothered to take into consideration: JITs Automated code generation OptimizersHaving dealt with linguistic forensics for decades, I can assure you that it is possible to identify authors and sources despite editors, publishers, and even mangling from electronic communications systems. There are a huge number of characteristics that can be used to identify people: my wife (who used to be a secretary) even found characteristics "line lengths" in stuff people wrote.
No argument at all with regard to human language.
When I got into software forensics, I found a wealth of identifiers there, too. Yes, the utilities and tools muddy some issues, but they turn out to create identifiers themselves, and the specific utilities and options used are also identifiers.
Do you mean digital documents and information in general, or actual binaries? What I'm getting at is that with compilation and the optimization voodoo performed by the tool chain tends to heavily modify an information. Add to that the that the "interesting" code may only be a small portion of to whole amount and the fact that it might be further obfuscated it doesn't seem realistic to me that there would be enough unique info to do this in any reliable sense.
Or a slipperier issue: Just because someone wrote the code doesn't mean they launched the attack.True. That's what court cases are for.
Yeah, but it'dbe a nightmare issuing subpoenas for the guy who made a virus kit and the ten gazillion little jerks that used it.
This idea has been hyped before without result. I don't expect that to change any time soon.Unfortunately, probably correct. There is a great deal of research out there, and wonderful stuff it is. But it does require testing and verification, and some money to put it all together. Empire building, political infighting, and corporate marketing of inferior products/services will doubtless ensure that it never gets used properly.
Indeed. -r
====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org If God had wanted us to vote, he would have given us candidates. - Jay Leno victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/NoticeBored http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Larry Seltzer (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers r.b. (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers r.b. (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Rich Kulawiec (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Dragos Ruiu (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Larry Seltzer (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Dragos Ruiu (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 27)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Chris Boyd (Jan 27)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers r.b. (Jan 26)