AARG and eugene are net.loons-why signatures of binaries always change.
Eugen Leitl
eugen at leitl.org
Fri Aug 9 15:55:21 PDT 2002
You're being quite creative with alternative spelling and punctuation.
However, if you think that provides sustainable stealth cover against a
competent attacker (TLA agencies must by now be really good with
linguistic forensics) you're fooling yourself.
For executable binary verification it is obviously necessary to use
compilers/linkers which don't write crap into the binary. Speaking of
which, given the size of the code blob one could as well use handcrafted
assembly. Also, using a standartized build environment is not exactly
rocket science, since one can checksum ISO images, too. Platinum Group
Linux would be a good name for the distro.
On Fri, 9 Aug 2002, cyphrpnk wrote:
> Hi all,
> Its obvious that some of us here are developers and still others
> have never typed make or gcc in their lives.
>
>
> -v and -V options given to various forms of ld caused the embeddment of
> version information in the binary(Sunpro does this also, AND early versions
> of MSC allowed embeddment of version information also.)
> The fact that most environments dont link -Bstatic and instead link
> -Bdynamic means that every time you attempt to produce a binary from
> 2 different systems that the dynamic link information will
> be different checkout link.h link_elf.h link_aout.h in /usr/include
>
>
> in addition MOST modern developement environments include a date field
> when compiled and linked in the binary
>
>
>
> sheesh
> a cypherpunk
> BTW. AARG and eugene are idiots nyah nyah nyah!!
More information about the cypherpunks-legacy
mailing list