each time they replicate (make a new copy of themselves). The small amount of virus bootstrap code which is not encrypted is changed in each replication by dispursing random NOP's throughout the virus boostrap code. Thus each sample of polymorphic virus looks completely different to virus checking programs. The virus checking programs cannot use "signature" byte strings to detect polymorphic viruses.
Either he's explaining it wrong, or the author is actually foolish enough to
Granted the idiocy of Mr. High-and-Mighty Army Man's opinion of what people can and can't say, I couldn't help but point out two silly things in the message he's complaining about: [stuff deleted] think that people won't simply just IGNORE the randomly placed NOPs and only consider the other instruction codes in forming a signature(s). Wowie. Real programmers know that the strength of polymorphic code lies in the fact that the same instruction can be coded as numerous different opcodes on Intel processors. And...
I have seen something called D.A.M.E., also known as Dark Avenger Mutation Engine. This is a freeware polymorphic library/kernel/toolkit
Why does he keep referring to MtE, as "DAME"??? It never ceases to amaze me how such an elementary and sophomoric subject as viruses can cause the strangest reactions from some people. I think it has something to do with the noxious connotations of the word 'virus'. Maybe if we all just agreed to call them 'nuisance programs', like flies on a horse's rear-end, they wouldn't cause such fool panic. On a finer note, I know a couple more of my "non-privacy in the phone system" messages are in order, I was pleased by the response I got. I'll try and work myself into the mood.