funsec mailing list archives

Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers

From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca>
Date: Tue, 26 Jan 2010 11:18:54 -0800

Date sent:              Tue, 26 Jan 2010 18:24:16 +0100
From:                   "r.b." <r.b.hicks () gmail com>

This makes great copy but it doesn't sound like they've heard about,
or bothered to take into consideration:

JITs
Automated code generation
Optimizers


Having dealt with linguistic forensics for decades, I can assure you that it is 
possible to identify authors and sources despite editors, publishers, and even 
mangling from electronic communications systems.  There are a huge number of 
characteristics that can be used to identify people: my wife (who used to be a 
secretary) even found characteristics "line lengths" in stuff people wrote.

When I got into software forensics, I found a wealth of identifiers there, too.  Yes, 
the utilities and tools muddy some issues, but they turn out to create identifiers 
themselves, and the specific utilities and options used are also identifiers.

Or a slipperier issue:

Just because someone wrote the code doesn't mean they launched the attack.


True.  That's what court cases are for.

This idea has been hyped before without result. I don't expect that to
change any time soon.


Unfortunately, probably correct.  There is a great deal of research out there, and 
wonderful stuff it is.  But it does require testing and verification, and some money 
to put it all together.  Empire building, political infighting, and corporate 
marketing of inferior products/services will doubtless ensure that it never gets used 
properly.

======================  (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca     slade () victoria tc ca     rslade () computercrime org
If God had wanted us to vote, he would have given us candidates.
                                                          - Jay Leno
victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/NoticeBored http://twitter.com/rslade
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Larry Seltzer (Jan 26)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers r.b. (Jan 26)
  - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 26)
    - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers r.b. (Jan 26)
    - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Rich Kulawiec (Jan 26)
  - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Dragos Ruiu (Jan 26)
    - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Larry Seltzer (Jan 26)
    - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Dragos Ruiu (Jan 26)
    - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 27)
    - Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers Chris Boyd (Jan 27)
- Re: Wired: Pentagon Searches for 'Digital DNA' to Identify Hackers phester (Jan 28)