Dual use possibility of tools which strip metadata and build artifacts
feikkiheikki
feikkiheikki at protonmail.com
Wed Mar 12 13:30:27 UTC 2025
Hi,
Have you considered the "dual use" possibility of the tools that strip away metadata and build artifacts?
Malware developed today still contains enough metadata and build artifacts to allow for somewhat reliable attribution, or at the very least to allow researchers worldwide to connect different malware families to the same author(s).
Being able to easily strip build artifacts and metadata away from malicious software in order to avoid attribution will eventually happen if the usage of these tools becomes commonplace and provided that the tools work (nearly) flawlessly.
It's only a matter of time when and where we'll see the first nation state actors/other actors employing these tools, if it hasn't happened already.
From a nation state actor's standpoint it would make sense to encourage taking these tools into use and to develop them further, since eventually it means that only (the most capable) nation state actors have the means and capability to track who is developing what.