The CIA's "Development Tradecraft DOs and DON'Ts"

idilali's bookmarks 2017-03-14

Summary:

Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration data that directly relate to tool functionality. Consideration should be made to also only de-obfuscating strings in-memory at the moment the data is needed. When a previously de-obfuscated value is no longer needed, it...

Link:

https://www.schneier.com/blog/archives/2017/03/the_cias_develo.html

From feeds:

Data & Society » idilali's bookmarks
Gudgeon and gist » Schneier on Security
Berkman Center Community - Test » Schneier on Security

Tags:

tradecraft malware hacking encryption cryptography cia

Date tagged:

03/14/2017, 17:51

Date published:

03/14/2017, 13:51