tag:blogger.com,1999:blog-7347279.post2432199353835201665..comments2023-08-26T05:04:33.009-04:00Comments on anti-virus rants: what is polymorphism?kurt wismerhttp://www.blogger.com/profile/03810635947269551517noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-7347279.post-73945460328725539532007-08-11T01:53:00.000-04:002007-08-11T01:53:00.000-04:001) i don't think i've ever heard the label polymor...1) i don't think i've ever heard the label polymorphic applied to self-modifying programs before (though on some level it obviously applies)... thanks for that...<BR/><BR/>2) i guess i was intending the term armoured in an umbrella-term sort of way, though your description seems equally encompassing - 'programming tricks' could refer to anything and there was a time when simply encrypting code could be considered to have made at least disassembling and understanding the code more difficult (certainly more tedious)... on reading it again, though, i can see how one might interpret my use of 'armoured' to mean something much more specific than what i intended...kurt wismerhttps://www.blogger.com/profile/03810635947269551517noreply@blogger.comtag:blogger.com,1999:blog-7347279.post-90368745363230462112007-08-11T01:17:00.000-04:002007-08-11T01:17:00.000-04:001) Although I can't think of a good example right ...1) Although I can't think of a good example right now, polymorphism doesn't have to be restricted to self-replicating malware. For instance, a Trojan horse could polymorph its body every time it is executed.<BR/><BR/>2) Encryption with a constant key isn't armouring. Armouring is the use of programming tricks that make disassembling, debugging and understanding of the code difficult. For instance, the Whale virus is heavily armoured, despite that it doesn't use constant encryption. (It uses variable encryption and is, in fact, oligomorphic.)Vesshttps://www.blogger.com/profile/09226866181634905270noreply@blogger.com