Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Security - Standards and Policies on Packer Use


26 Oct 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Security - Standards and Policies on Packer Use

Quote:

For those people who missed my presentation at Virus Bulletin this year, I co-presented on the topic of "proper" packer usage. The idea of a “proper” way to use packers is two-fold:
(a) It reduces the prevalence of legitimate packers being used to pack malware.
(b) It makes it easier to identify packers which exist only to pack malware.
This is an industry-wide initiative, with backing from over a dozen security companies, including McAfee, Symantec, IBM, and Trend Micro. It also has the backing of some big packer vendors: Enigma, Obsidium, Oreans (the makers of Themida), and VMPSoft (the makers of VMProtect), but it's not limited to the people who sell packers - open-source packers will be supported, too. To quell any concerns, it's not being run by the anti-malware industry - we're just participants. The IEEE is in charge of it all.

Why do it at all? Imagine this situation: Alice is a packer vendor. She sells her product to Bob. Carol is an anti-malware vendor, and she also sells her product to Bob. Then along comes Dave, the malware author, who manages to steal Bob's copy of Alice's product, and uses it to pack malware. Carol now needs a way to identify the malware that is packed using Bob's stolen packer. How? Introducing "taggants."

A "taggant" is a block of data that can be used to identify a packer family, and protect a unique packer license ID, among other things. You might compare taggants to watermarks, which are another form of encoded unique identifier, but taggants provide their identifier information in a cryptographically secure fashion. That block of identifying data is protected by a strong cryptographic algorithm. If a packer includes a taggant in the packed file, then anti-malware software can know immediately if the packed sample was produced by a legitimate packer, or if that copy of the packer was stolen. If the packer was stolen, then the packed file could be immediately prevented from executing. The file doesn't even need to be unpacked to determine that, so the check is fast!

Best of all, the system will be free for all packer vendors to use, and it's completely transparent to the users.

Are you a packer vendor and want to sign on? For more information, you can review our VB 2010 presentation (.PPT), or you can read a paper I’ve co-authored on standards and policies (.PDF) for packer use available from my website.
Source -
Standards and Policies on Packer Use - Microsoft Malware Protection Center - Site Home - TechNet Blogs


My System SpecsSystem Spec
26 Oct 2010   #2
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

This sound like it would help honest people only and I think that is what it's meant for. Those that try to steel programs, movies, games, ect. will still get infected and that's good.
My System SpecsSystem Spec
Reply

 Security - Standards and Policies on Packer Use




Thread Tools



Similar help and support threads for2: Security - Standards and Policies on Packer Use
Thread Forum
Solved Local Security Policies vs NTFS Permissions System Security
Windows 7 Security Policies System Security
Microsoft: Google Lied About Security Standards ( ... ) News
IE8 and IE7 Standards Documentation. News
Standards Documentation for IE7 and IE8 News
More Standards Documentation Available News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 04:35 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App