Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Security - Standards and Policies on Packer Use

26 Oct 2010   #1

Win 7 Ultimate 64-bit. SP1.
Security - Standards and Policies on Packer Use


For those people who missed my presentation at Virus Bulletin this year, I co-presented on the topic of "proper" packer usage. The idea of a “proper” way to use packers is two-fold:
(a) It reduces the prevalence of legitimate packers being used to pack malware.
(b) It makes it easier to identify packers which exist only to pack malware.
This is an industry-wide initiative, with backing from over a dozen security companies, including McAfee, Symantec, IBM, and Trend Micro. It also has the backing of some big packer vendors: Enigma, Obsidium, Oreans (the makers of Themida), and VMPSoft (the makers of VMProtect), but it's not limited to the people who sell packers - open-source packers will be supported, too. To quell any concerns, it's not being run by the anti-malware industry - we're just participants. The IEEE is in charge of it all.

Why do it at all? Imagine this situation: Alice is a packer vendor. She sells her product to Bob. Carol is an anti-malware vendor, and she also sells her product to Bob. Then along comes Dave, the malware author, who manages to steal Bob's copy of Alice's product, and uses it to pack malware. Carol now needs a way to identify the malware that is packed using Bob's stolen packer. How? Introducing "taggants."

A "taggant" is a block of data that can be used to identify a packer family, and protect a unique packer license ID, among other things. You might compare taggants to watermarks, which are another form of encoded unique identifier, but taggants provide their identifier information in a cryptographically secure fashion. That block of identifying data is protected by a strong cryptographic algorithm. If a packer includes a taggant in the packed file, then anti-malware software can know immediately if the packed sample was produced by a legitimate packer, or if that copy of the packer was stolen. If the packer was stolen, then the packed file could be immediately prevented from executing. The file doesn't even need to be unpacked to determine that, so the check is fast!

Best of all, the system will be free for all packer vendors to use, and it's completely transparent to the users.

Are you a packer vendor and want to sign on? For more information, you can review our VB 2010 presentation (.PPT), or you can read a paper I’ve co-authored on standards and policies (.PDF) for packer use available from my website.
Source -
Standards and Policies on Packer Use - Microsoft Malware Protection Center - Site Home - TechNet Blogs

My System SpecsSystem Spec
26 Oct 2010   #2
Layback Bear

Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64

This sound like it would help honest people only and I think that is what it's meant for. Those that try to steel programs, movies, games, ect. will still get infected and that's good.
My System SpecsSystem Spec

 Security - Standards and Policies on Packer Use

Thread Tools

Similar help and support threads
Thread Forum
Local Security Policies vs NTFS Permissions
Hi All. What exactly is the difference between Local Security Policies and NTFS permissions. Scenario: I want to add a power user to my computer with the following do's and don'ts: Do's: Can Do all the things a Power user can such as: Installing programs and devices, drivers, access...
System Security
Windows 7 Security Policies
Hey there, I am currently in a Computer Technology course and I have a project requiring me to find Security Policies that have to do with Windows 7. I have searched the internet quite a bit and have come up with nothing. If someone could either acknowledge me or point me in the right direction I...
System Security
Microsoft: Google Lied About Security Standards ( ... )
Read more at: Microsoft: Google Lied About Security Standards of Its Cloud Suite for Government Customers - Softpedia
Standards Documentation for IE7 and IE8
More Standards Documentation Available

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:27.
Twitter Facebook Google+