nickboucher / trojan-source

Trojan Source: Invisible Vulnerabilities
https://trojansource.codes
MIT License

Python3 returns syntax error: #10

Closed syspect-tech closed 2 years ago

syspect-tech commented 2 years ago

$ python3.7 invisible-function.py
  File "invisible-function.py", line 7
    def is_​admin():
               ^
SyntaxError: invalid character in identifier

$ python3.7 --version
Python 3.7.9

Perhaps should note 'invisible-function.py' does not work on 3.7 macOS.

[Image: comment-out-atom-ide]

nickboucher commented 2 years ago

Please see Python/README.md, where it's already noted that the invisible characters in identifiers attack does not work against Python. The file referenced is included as a reproducible example of an attack that works in some other languages, but not in Python.

For a discussion of syntax highlighting, please see Section VII.C of the Trojan Source paper. In short, in some IDEs some attacks result in syntax highlighting such as this. The highlighting is far from universal across all platforms, and in some contexts may indicate to a developer (perhaps those that are more experienced) that an encoding attack is in place.
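An added example, not part of the original thread or of the trojan-source repository: a small Python scanner that reports invisible format characters and bidirectional controls in source text by line and column, and checks whether the Python compiler accepts the file. The sample source is constructed to resemble the reported case (an identifier hiding U+200B); the function names are hypothetical.

```python
import unicodedata

# Bidirectional embeddings, overrides, isolates and their terminators.
BIDI_CONTROLS = set("\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069")

def classify(ch):
    """Return 'bidi', 'invisible' or None for a single character."""
    if ch in BIDI_CONTROLS:
        return "bidi"
    # Cf = Unicode format characters (zero-width space and joiners, BOM, ...).
    if unicodedata.category(ch) == "Cf":
        return "invisible"
    return None

def scan_source(text):
    """Return (line, column, 'U+XXXX', kind) for each suspicious character."""
    findings = []
    for lineno, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            kind = classify(ch)
            if kind:
                findings.append((lineno, col, f"U+{ord(ch):04X}", kind))
    return findings

def python_accepts(source):
    """True if the Python compiler parses the source, False on SyntaxError."""
    try:
        compile(source, "<constructed-sample>", "exec")
        return True
    except SyntaxError:
        return False

# Constructed sample: the second definition hides U+200B inside its name.
SAMPLE = (
    "def is_admin():\n"
    "    return True\n"
    "\n"
    "def is_\u200badmin():\n"
    "    return False\n"
)

if __name__ == "__main__":
    for finding in scan_source(SAMPLE):
        print(finding)
    print("accepted by Python:", python_accepts(SAMPLE))
```

Because the scanner works on raw text rather than on a parse tree, it can be run over files in any language, including those whose compilers accept such characters in identifiers.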