Bugtraq mailing list archives
RE: Windows Server 2003 Security Guide available
From: Frank Knobbe <fknobbe () knobbeits com>
Date: 29 Apr 2003 00:52:50 -0500
On Fri, 2003-04-25 at 16:27, Jason Coombs wrote:
[...] For every .exe that Microsoft distributes, it should consider publishing a known good full-file hash code so that a hash verification tool of the user's choice can be used, on a platform of the user's choice, to verify that the file received over the network is the file they expected -- BEFORE attempting to use a tool like Windows Explorer to read structured information such as digital signature data out of the PE file's header sections. [...]
Jason, I'm not sure how much a file hash will do to alleviate your concern about MITM attacks. If for example MS web site gets hijacked, or somehow else someone is able to replace the downloadable files, what stops them from generating a new SHA-1 or MD5 hash? While hashes can verify the integrity of a file, it doesn't do anything to verify the authenticity of a file. That can only be done through a signature. Of course that requires you to actually trust such a signature/signer and trust in the method of verifying these signatures. It sounds like you find flaws in the signature verification of Explorer. While I agree that is substandard (how many patches are unsigned, but people install them anyway?), I do believe that only signatures can correct the deficiency you outline. In a perfect world, MS would make their white papers available in an widely adopted standard like PDF or PS files, and sign them using PGP/GPG. But since this is not a perfect world, and we have to accept proprietary .doc files or OS dependent executables, why not use a sub optimal verification process? Regards, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Windows Server 2003 Security Guide available Michael Howard (Apr 25)
- RE: Windows Server 2003 Security Guide available Jason Coombs (Apr 28)
- RE: Windows Server 2003 Security Guide available David F. Skoll (Apr 29)
- RE: Windows Server 2003 Security Guide available Uwe Betz (Apr 29)
- Re: Windows Server 2003 Security Guide available Lucas Holt (Apr 29)
- RE: Windows Server 2003 Security Guide available Frank Knobbe (Apr 29)
- RE: Windows Server 2003 Security Guide available Jason Coombs (Apr 29)
- RE: Windows Server 2003 Security Guide available David F. Skoll (Apr 29)
- <Possible follow-ups>
- RE: Windows Server 2003 Security Guide available paul (Apr 29)
- RE: Windows Server 2003 Security Guide available J.'LoneWolf' Mattsson (Apr 29)
- RE: Windows Server 2003 Security Guide available Jason Coombs (Apr 28)