Old 07-10-2006, 02:35 AM   #1
Palmyra
LQ Newbie
 
Registered: May 2006
Posts: 3

Rep: Reputation: 0
help in virus


Hello all,
I want to make a new kind of security system in Linux.
That system protects an object file (*.out or *.o)
by injecting it with a small friendly virus that makes it unable to work without another program in memory.
Until now I can't do this step because the book I read is not clear enough.

Please, if anyone can help me, I'll be thankful to him.
 
Old 07-10-2006, 03:31 AM   #2
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
To me that sounds like a non-friendly virus, if you think about it a bit farther. Sounds like a bad idea; security is not friendly viruses but getting rid of them all. Nuclear energy was to be something friendly too, but nowadays it's a pain in the ass.

Think about it.
 
Old 07-10-2006, 08:29 PM   #3
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 57
Nothing new, but that's a good exercise for testing purposes, NOT for servers.

A few years ago, there were some viruses that encrypted the whole disk and installed a parasite module in memory that was decrypting on the fly.
As soon as the person discovered the virus, he would happily remove the module and reboot.
Uh-oh, the disk was then unreadable without this parasite, and the system had to be reinstalled.

So it can be used as a security measure depending on how it's done.
The parasite can be a USB key... quite common nowadays.

What you are trying to do is not an easy task.

Keep in mind that every program can be reverse engineered and that debugging your .o to patch it so that the parasite is not needed anymore is easy. You might be better off using complete encryption.
 
Old 07-10-2006, 09:38 PM   #4
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,659
Blog Entries: 4

Rep: Reputation: 3940
You also need to be a little bit more realistic about "protecting executables."

A friend of mine owned a very expensive 12-string guitar, which he stored in a cardboard case with the tiniest padlock that he could buy. This lock, he said, was "to keep the honest people out."

And that's pretty much what you can expect from software protection: "to keep the honest people out." It provides something that you can sell; something that the honest user (i.e. a "customer") must buy. It will not provide "uncrackable security." Not even encryption will ever do that!

A very smart hacker who is very determined (for some reason) to break into your program will do so. But the bizarre thing is, having done so, "the challenge of doing so is now gone." He shares his complicated system of patches (or his cracked code) with all of his "warez buddies," who gloatingly write it down, while muttering to each other using odd combinations of letters and digits meant to be read upside-down and backwards ... and then they move on, too. It is very unlikely, actually, that they will use your program. They were attracted to it in the first place just to crack it. In other words, they were never customers in the first place.

Don't let paranoia about "security" interfere with customers. Don't do things that will inconvenience or irritate customers. Those are the people who will happily pay you good money. The rest is, well, just what retailers call "shrink." Your store isn't in business for the shoplifters. You need, certainly, to prevent the shoplifters, but you must cater to the customers. Always. First.

Me? Well, if it's got a dongle then "no sale." Okay, that's just me, but that's me, and other customers might feel the same way. If the software has to "call home" in order to register then I need to know that up-front (because I might need to install on a computer with no Internet connection .. they do exist). If it needs or wants to "call home" in order to run, then once again No Sale. The guiding principle for dealing with Me is to .. first, kindly assume that I am honest (don't treat me like a thief), and .. second, make sure that I don't say "No Sale."
 
Old 07-11-2006, 06:13 AM   #5
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 57
Quote:
Originally Posted by sundialsvcs
A very smart hacker who is very determined (for some reason) to break into your program will do so.
I agree with the idea that "nothing is uncrackable".

Securing a system is to add layers of complexity. Then you have to ask yourself: if the bad guy breaks this layer, what can he do? Never, never say: this layer is impossible to crack, no need to put in other security measures. Take the assumption that one layer has been cracked and go on hardening the system.
You have to keep in mind that there are thousands of medium/high skilled hackers that can break a lot of things. That's where open source and trust help; some will show you the problems of your security system.


On the other hand, if you use an encrypted partition with encrypted swap and put the encrypted private key on a USB key, I'm not sure it's crackable... It is this mechanism that is used in well-known big companies. Same for a VPN: the key is stored on a USB key.

I trust cryptography because it relies on a mathematical theorem. If you can't factorise a very big number into 2 prime numbers, you can't read the data without the parasite. Or maybe I've been sleeping these last years and somebody broke AES?
The security breaches for such systems can come from the implementation (/tmp, swap, rootkit, the key...)

Last edited by nx5000; 07-11-2006 at 06:17 AM.
 
Old 07-11-2006, 06:35 AM   #6
Palmyra
LQ Newbie
 
Registered: May 2006
Posts: 3

Original Poster
Rep: Reputation: 0
Hello, and thanks for responding to me.
The protection system I am making is for a graduation project in IT college.
I made a program to insert the friendly "virus" (not a bad virus), but it didn't work.
This system is very complicated and needs a lot of time, and the references for it are very few and not very useful.

//moderator: 2 lines removed

Thanks, all.

Last edited by unSpawn; 07-11-2006 at 07:06 AM. Reason: //removed Rules violation, question and email address
 
  

