On 2015-06-27, Randall Smith <rand...@tnr.cc> wrote:
> Thankyou. Nice points. I do think given the risks (there are always
> risks) discussed, a successful attack of this nature is not very likely.
> Worse case, something that looks like this would land on the disk.
>
> crc32 checksum + translation table + malware
>
> with a generated base64 name and no extension.
I'm not sure why you're bothering with the checksum, it doesn't seem
to me that it buys you anything. Personally I'd do something like
this (pseudocode):
def obfuscate(data):
encode_key = list(range(256))
random.shuffle(encode_key)
encode_key = bytes(encode_key)
decode_key = bytes(encode_key.index(i) for i in range(256))
return decode_key + data.translate(encode_key) + decode_key
def deobfuscate(data):
return data[256:-256].translate(data[:256])
The reason for appending the key as well as prepending it is that some
anti-virus or malware scanners may well look at the last part of the
file first, so putting something entirely locally-generated there may
add a bit of safety. You could also simply pad with nulls or something
of course, but again I can imagine some tools skipping backwards past
nulls.
--
https://mail.python.org/mailman/listinfo/python-list
