Re: Bug#726393: solution via obfuscation

To: debian-curiosa@lists.debian.org
Subject: Re: Bug#726393: solution via obfuscation
From: Peter Samuelson <peters@p12n.org>
Date: Thu, 17 Oct 2013 18:02:47 -0500
Message-id: <[🔎] 20131017230247.GA3831@p12n.org>
In-reply-to: <87ob6nvn5k.fsf@cs.nuim.ie>
References: <87ob6nvn5k.fsf@cs.nuim.ie>

[Barak A. Pearlmutter]
> Perhaps this issue could be solved by manipulating source tarballs in
> question to obfuscate the problematic snippets.  Eg,
>  gpg  --encrypt --symmetric --passphrase WhiteList ICKY-FILE
> This would be unpacked appropriately at build time.

Hey I know.  To make extra sure that no Windows users get infected by
our viruses, we should pack them in several container layers to ensure
no user could possibly get the virus to execute by accident.

For example, what if we put the virus content in an email attachment,
then put the email in a mailbox file, then put the mailbox file in a
tarball, then put the tarball in an xz compression stream, then put the
xz stream in an 'ar' archive.  Surely _that_ would prevent anyone from
ever executing it by accident, and any virus scanner so thorough as to
flag it anyway would just be acting dumb at that point.

Reply to:

Prev by Date: Re: watch files failing due to usa government shutdown
Previous by thread: Re: watch files failing due to usa government shutdown
Index(es):
- Date
- Thread