• tetris11
    link
    fedilink
    English
    arrow-up
    2
    ·
    4 months ago

    If keywords are a trigger, then one could run the whole script through a bash obfuscator. I hear you though, I just think testing for hardware trickery would be easier to detect than software trickery. Running lsusb would give you the device id which could be mapped back to the product page.

    • LainTrain@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      4 months ago

      Or you can just base64 encode/decode it. But that too is a common technique of obfuscation and I would be impressed and surprised if it didn’t also trigger an alert

      Running lsusb

      But that’s the thing. Nobody is going to be remoting into your machine and running lsusb on your computer without significant cause. If you’re that paranoid you can change the VID and PID and name ez pz.