From owner-freebsd-hackers@FreeBSD.ORG  Thu Feb 21 06:16:16 2008
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id ABCCB16A402
	for <freebsd-hackers@freebsd.org>; Thu, 21 Feb 2008 06:16:16 +0000 (UTC)
	(envelope-from edelkind-freebsd-hackers@episec.com)
Received: from episec.com (episec.com [69.55.237.141])
	by mx1.freebsd.org (Postfix) with SMTP id 79F0413C45D
	for <freebsd-hackers@freebsd.org>; Thu, 21 Feb 2008 06:16:16 +0000 (UTC)
	(envelope-from edelkind-freebsd-hackers@episec.com)
Received: (qmail 81853 invoked by uid 1024); 21 Feb 2008 06:16:16 -0000
Date: Thu, 21 Feb 2008 01:16:16 -0500
From: ari edelkind <edelkind-freebsd-hackers@episec.com>
To: freebsd-hackers@freebsd.org
Message-ID: <20080221061616.GJ79355@episec.com>
Mail-Followup-To: ari edelkind <edelkind-freebsd-hackers@episec.com>,
	freebsd-hackers@freebsd.org
References: <86068e730802181718s1ad50d3axeae0dde119ddcf92@mail.gmail.com>
	<47BA3334.4040707@andric.com>
	<86068e730802181954t52e4e05ay65e04c5f6de9b78a@mail.gmail.com>
	<20080219040912.GA14809@kobe.laptop>
	<f8e3d83f0802200451r463f188bn881268b9b2768846@mail.gmail.com>
	<47BCD34F.7010309@freebsd.org> <20080221023902.GI79355@episec.com>
	<20080221031856.GA17599@britannica.bec.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20080221031856.GA17599@britannica.bec.de>
Subject: Re: encrypted executables
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2008 06:16:16 -0000

joerg@britannica.bec.de wrote:
> What prevents me from patching the kernel (!) to just ignore the
> resource limit? Nothing.

Exactly!  I mean, it won't help that much if you have pages that haven't
been loaded or decrypted.  But if you're patching the kernel anyway, you
can always have it log the decrypted pages as they're loaded.

There wasn't anything in my original e-mail that should make you think i
was claiming you couldn't defeat binary encryption and protection
measures (especially not the link that i included about defeating
shiva).  But naive simplistic methods are... just that.

ari