A Format Stripper Can Assist White Hat

Red Pill; White Hat; Blue Team!

Source Code uses only printable characters. Unicode provides for fonts, control codes and many other bells and whistles. However, Unicode does not expand the vocabulary of source code.

As such, source code that is tampered with control codes introduced to the text file or the editor (by a bad actor or automaton,) can be scrubbed by a format stripper.

One notable "virus," introduces hidden control codes to combine the direction the processor "parses," from left to right v right to left. Based upon a foundation of tampering direction codes, the file or editor is directed to corrupt the program logic by tampering indentation. This is of less concern with c++20 and other semi-colon delimited languages, but Black Hat has devised improvements, inspired by success against Python using the older method.

The strategy to compile a source-code scrubber would be to read the file in 8-bit bytes, assessing which are ASCII and which are not. Only a finite number of ASCII codes are printable, <tab> among them. By writing out ONLY ASCII/PRINTABLE CHARS, computer users can remove malicious control codes.

While this suggestion can be of substantive assistance to White Hat, Blue team needs to work with knowledgable law enforcement to deter Black Hat that employs so willful an expedient.

There is a time and place to meter the response by the provocation and a time to employ an irrevokable solution.

Tampering logic verges psychological torture. Torture is a violation of the Geneva Conventions!

...and disrupting communications is a tactic of war.

Comments

Post a Comment

Popular posts from this blog

A Question About Erasthmus' Sieve

Students of Mathematics are familiar with Erasthmus' Sieve. 2     x 3          x                4       x 5               x 6     x     x 7 8     x 9          x 10       x          x 11 12     x     x 13 14     x 15          x     x 16     x 17 18     x     x 19 20     x          x 21          x 22     x 23 First, we strike all multiples of 2 up to the square root (5.) Then all multiples of 3, then all multiples of 5, etc. I wrote a digital implementation of the Sieve, and used the index cr...
Read more

An Improvement To The Three Second Hold Rule

The rule that a broker has to hold a share for three (3) seconds, or one hundred shares for three hundred (300) seconds, can be improved. Brokers wishing to game the system will simply proliferate buy orders, and hold multiple buys of consolidated numbers of shares for three (3) seconds. To limit this, each broker could be limited to one buy per second. In this way, if he wishes to invest in 60 companies, he will have to use 60 seconds to put the buy orders in. If he wished to buy 1,000,000 shares, but only wishes to hold them for 1000 seconds ( 16.6 minutes,) he would be forced to put in 1000 buys of 1000 shares each. This process would force him to use 16.6 minutes in the buy process, after which each individual buy would be ready to sell in 50 minutes.  Computer programs written to optimize time to hold v time to buy would be forced to keep track of all the buy orders.  An alternative would be to attempt to consolidate all buy orders, but this is game-able by a round robin ...
Read more

Notice of corrupted results: Vigenere may yet be found to be a "group."

Retraction: It is with regret that I do not delete the previous post. I am an individual, not an organization, and I failed to adequately double-check my results, but I am leaving the post to maintain some accountability. I am able to definitively say that the script for 2chars_from_file.py DOES NOT yield an exhaustive list. It develops the ciphertext for all 2 Char combinations of the FIRST 10, three character ciphertexts. This is not due to a logic error, but rather there is a virus that corrupts the indentation of the two write statements.  This may be verified by downloading the relevant code, and examining it, and running it if needed, against the relevant datafile. It is difficult to be exhaustively correct about ALL of the scripts. This calls ALL of my results in question, with regard to the qualification of a mathematical group. If Vigenere IS a group, the resulting substitution is still valid, but there exist 6 Char passwords that will accomplish the same encryption in ONE...
Read more