So hopefully this is the start of a new blogging frenzy...
I was chatting to a friend of mine about stuff I have been thinking about, and adding to my ever-growing list of to-do lists.
One of the things I talked about a long while back now is a utility I wrote to analyse files for their entropy... in an attempt to ID malware using file compressors, and it works pretty well.
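A sketch of that kind of entropy check, added here as an illustration and not the utility described in this post: it measures Shannon entropy per fixed-size window and flags a file when most windows look like compressed data. The window size, the 7.0 bits/byte threshold, the 50% ratio and both sample byte strings are assumptions constructed for the example.

```python
import math
import random
import zlib
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())

def window_entropies(data: bytes, window: int = 1024) -> list:
    """Entropy of each full window; a short tail is skipped because a
    small sample cannot reach high entropy and would skew the ratio."""
    if len(data) < window:
        return [shannon_entropy(data)] if data else []
    return [shannon_entropy(data[i:i + window])
            for i in range(0, len(data) - window + 1, window)]

def high_entropy_ratio(data: bytes, window: int = 1024,
                       threshold: float = 7.0) -> float:
    """Fraction of windows at or above the threshold (assumed value)."""
    ents = window_entropies(data, window)
    return sum(e >= threshold for e in ents) / len(ents) if ents else 0.0

def looks_packed(data: bytes, min_ratio: float = 0.5) -> bool:
    """Heuristic only: high entropy also matches encrypted or media data."""
    return high_entropy_ratio(data) >= min_ratio

# Constructed sample 1: repetitive, code-like bytes (low entropy).
PLAIN = b"\x55\x8b\xec\x83\xec\x10 mov eax, [ebp+8]; ret\x00" * 400

# Constructed sample 2: a small plain stub followed by a zlib-compressed
# payload, standing in for the layout a file compressor produces.
_rng = random.Random(0)
_payload = bytes(_rng.choices(b"0123456789abcdef", k=65536))
PACKED = PLAIN[:2048] + zlib.compress(_payload, 9)

if __name__ == "__main__":
    for name, blob in (("plain", PLAIN), ("packed", PACKED)):
        print(f"{name}: whole-file {shannon_entropy(blob):.2f} bits/byte, "
              f"high-entropy windows {high_entropy_ratio(blob):.0%}, "
              f"packed? {looks_packed(blob)}")
```

Scoring per window rather than over the whole file keeps a low-entropy unpacking stub from hiding a compressed payload behind it.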
I was contemplating another strategy using the frequency of patterns to build an ID for a particular binary. This would be useless on compressed executables but!!!!
It could possibly be used to ID binaries built with different compilers/linkers even! I will report back on the success or failure at some point in the future.
Then today, http://www.theinquirer.net/default.aspx?article=33589 wow!!! is all I can say.