On 2015-06-27, Randall Smith <rand...@tnr.cc> wrote:
> Thank you. Nice points. I do think given the risks (there are always
> risks) discussed, a successful attack of this nature is not very likely.
> Worst case, something that looks like this would land on the disk.
>
> crc32 checksum + translation table + malware
>
> with a generated base64 name and no extension.

I'm not sure why you're bothering with the checksum, it doesn't seem
to me that it buys you anything. Personally I'd do something like
this (pseudocode):

    import random

    def obfuscate(data):
        # Random byte-substitution table, generated locally for each file.
        encode_key = list(range(256))
        random.shuffle(encode_key)
        encode_key = bytes(encode_key)
        # Inverse table: decode_key[encode_key[i]] == i.
        decode_key = bytes(encode_key.index(i) for i in range(256))
        # The decode key is stored both before and after the translated data.
        return decode_key + data.translate(encode_key) + decode_key

    def deobfuscate(data):
        # The first 256 bytes are the decode key; the last 256 are its copy.
        return data[256:-256].translate(data[:256])

The reason for appending the key as well as prepending it is that
some anti-virus or malware scanners may well look at the last part
of the file first, so putting something entirely locally-generated
there may add a bit of safety. You could also simply pad with nulls
or something of course, but again I can imagine some tools skipping
backwards past nulls.
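
The layout described above (decode key, translated data, decode key again), as an added example that is not part of the original post: it streams the input in chunks and checks the stored blob before decoding it. The function names, the chunk size and the use of `random.SystemRandom` are assumptions made for this example.

```python
import io
import random

TABLE_LEN = 256
# Assumption of this example: OS randomness, so the table cannot be
# predicted from earlier outputs of the default generator.
_rng = random.SystemRandom()


def write_obfuscated(src, dst, chunk_size=65536):
    """Stream src to dst as decode_key + translated data + decode_key."""
    encode_key = list(range(TABLE_LEN))
    _rng.shuffle(encode_key)
    encode_key = bytes(encode_key)
    decode_key = bytes(encode_key.index(i) for i in range(TABLE_LEN))
    dst.write(decode_key)
    # translate() works byte by byte, so chunk boundaries do not matter.
    for chunk in iter(lambda: src.read(chunk_size), b""):
        dst.write(chunk.translate(encode_key))
    dst.write(decode_key)


def read_obfuscated(blob):
    """Validate the stored layout, then return the original bytes."""
    if len(blob) < 2 * TABLE_LEN:
        raise ValueError("blob is shorter than the two key copies")
    head, tail = blob[:TABLE_LEN], blob[-TABLE_LEN:]
    # A blob cut short by 1..255 bytes always fails this comparison,
    # because the key holds 256 distinct values and a shifted copy differs.
    if head != tail:
        raise ValueError("leading and trailing keys differ")
    if sorted(head) != list(range(TABLE_LEN)):
        raise ValueError("key is not a permutation of 0..255")
    return blob[TABLE_LEN:-TABLE_LEN].translate(head)


def roundtrip(payload, chunk_size=7):
    """Obfuscate payload in small chunks and return the stored blob."""
    dst = io.BytesIO()
    write_obfuscated(io.BytesIO(payload), dst, chunk_size)
    return dst.getvalue()
```
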