funsec mailing list archives
Re: idea
From: silky <michaelslists () gmail com>
Date: Fri, 2 Jan 2009 13:34:29 +1100
On Fri, Jan 2, 2009 at 12:32 PM, Mike Preston <mike () technomonk com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 silky wrote:I guess a trivial solution is just a bittorrent with relevant files in it. If AV companies issued updates out over BT as well, that would be nice. They could have a process of signing each update (do they already?) so that they're validated. Pretty trivial.But there is nothing to stop the tracker being blocked and to my knowledge the current Azureus DHT protocol requires a tracker to be present in the first place to allow peers to find each other to bootstrap the protocol.
No but you can have several trackers, and that's the point - decentralising the number of places that the download can be done; in an ad-hoc fashion.
The second problem, is that you are talking about opening up the computer while *downloading* security software to an untrusted network.
Eh? The idea was asking for ways to get the data. Why is downloading via bittorrent any different? Sure there could be bugs in your bit-torrent software, but still.
Perhaps a decent option is to just build a rescue mode into the computers and use that to download updated defs and then install them on the main install. The rescue mode could be hardened with minimal drivers and firewalled up the yangtse. Splashtop springs to mind, although this doesn't seem to have this capability on current implementations...
Sure but that won't be happening anytime soon, and is also probably too 'stable', in that it itself will become targeted.
As I said before, its not trivial but its solvable. Mike
-- noon silky http://www.boxofgoodfeelings.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: idea Matt Jonkman (Jan 01)