When you execute it, though, the computer understands it and runs it without a problem. This is called executable code or machine code. Some clever people a few years ago realized that some machine code has normal letter representations so if you create your program by using only those characters you can have a working executable that can be displayed on your screen and not look like garbage.
The first ones to put this concept to use were the guys who created the EICAR antivirus test string. They managed to create a working program that displays a plain-text message on your screen by using only regular "executable text". This week, some team of researchers have taken this concept further and by studying what executable commands look like, they have created a way of expressing them by using plain English. The resulting words don't make a lot of sense but they can throw antivirus researchers off by making them think that some bad code is only a bunch of text.
It's a very interesting concept that can be best applied to short pieces of code, like malicious exploits and the such. This concept of "readable executable text" is tantalizing and scary at the same time. I don't know if the bad guys will ever use this or they are too busy churning out boatloads of regular bad code instead but it's definitely a possibility. For the moment, the paper is being exchanged in underground circles already. Time will tell.
No comments:
Post a Comment