encrypted executables
ari edelkind
edelkind-freebsd-hackers at episec.com
Thu Feb 21 06:16:16 UTC 2008
joerg at britannica.bec.de wrote:
> What prevents me from patching the kernel (!) to just ignore the
> resource limit? Nothing.
Exactly! I mean, it won't help that much if you have pages that haven't
been loaded or decrypted. But if you're patching the kernel anyway, you
can always have it log the decrypted pages as they're loaded.
There wasn't anything in my original e-mail that should make you think i
was claiming you couldn't defeat binary encryption and protection
measures (especially not the link that i included about defeating
shiva). But naive simplistic methods are... just that.
ari
More information about the freebsd-hackers
mailing list