Thanks JMI, I will check with 0xf001. I agree with both you and Taos on the lack of Linux protections... there are not so many reasons to protect something that is already open source and only a few commercial *nix apps. I just misread your last post.

Taos, yep I found that paper when I was searching for linux protections. I have to admit I haven't taken the time to really understand what they are doing (i.e., trying out their source code). It certainly seems like it would be effective to prevent traditional static analysis, but not dynamic analysis or emulation (I need to try Chris Eagle's ida pro x86 emulator plugin against it) Another thing to add to my list...