Vulnerability Development mailing list archives
Re: Infecting the KaZaA network? (moving here thread from 'traq)
From: Valdis.Kletnieks () vt edu
Date: Wed, 13 Feb 2002 11:29:34 -0500
On Tue, 12 Feb 2002 17:48:13 EST, Shoten <shoten () starpower net> said:
> Not to mention that in this case, the file with the same checksum would have to be EXACTLY the same size as the KaZaA executable, AND be a functional virus on top of that. And even if you got all that, you'd have to worry about it getting mixed with a valid client during download from multiple sources. For those who think this is possible, go ahead and try...good luck
This is all assuming, of course, that you have reason to trust the original size and checksum, and that you have reasonable assurance that you *are* in fact downloading from multiple sources, at least one of which is not in collusion.

How do you know that you aren't the victim of a man-in-the-middle attack on your download? Before you say "That can't be", go read this: http://www.securityfocus.com/archive/1/245693

Hint: That's why the PGP documentation suggests key signing parties and verifying the footprint *over the phone*.

--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
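The two verification points argued in this exchange (same size plus same checksum, and where the reference values come from) can be shown in a few lines. The following is an added illustration written for this archive page; it is not code from the list post, from Shoten or Valdis, or from the KaZaA client. The "binary", the peer names (peer-A/B/C) and the round-robin chunk fetch are constructed stand-ins, and the manifest is assumed to have been obtained out of band (over the phone, from a signed release note), which is exactly the assumption the post says you need.

```python
"""Why size + checksum alone is weak, and why the reference values must come
from a channel the attacker does not control. All data here is constructed."""
import hashlib

CHUNK = 64  # bytes fetched from one peer per request (constructed value)


def weak_checksum(data: bytes) -> int:
    """16-bit additive checksum: order-insensitive, so swapping two bytes leaves it unchanged."""
    return sum(data) & 0xFFFF


def strong_hash(data: bytes) -> str:
    """Collision-resistant hash of the whole input."""
    return hashlib.sha256(data).hexdigest()


# Constructed stand-in for a client binary (4 chunks); not real KaZaA bytes.
GENUINE = bytes((i * 37 + 11) & 0xFF for i in range(4 * CHUNK))


def byte_swapped(data: bytes, i: int, j: int) -> bytes:
    """Return a copy with bytes i and j exchanged (same length, same additive sum)."""
    b = bytearray(data)
    b[i], b[j] = b[j], b[i]
    return bytes(b)


# Same size and same additive checksum as GENUINE, but different content.
TAMPERED = byte_swapped(GENUINE, 5, 200)


def make_manifest(data: bytes) -> dict:
    """Size, whole-file SHA-256 and per-chunk SHA-256 of a file."""
    return {
        "size": len(data),
        "sha256": strong_hash(data),
        "chunks": [strong_hash(data[o:o + CHUNK]) for o in range(0, len(data), CHUNK)],
    }


# Assumed to have been obtained out of band, NOT through the same channel as
# the download itself (this is the assumption the post insists on).
TRUSTED_MANIFEST = make_manifest(GENUINE)


def size_and_weak_check(data: bytes, expected_size: int, expected_sum: int) -> bool:
    """The 'same size AND same checksum' test from the quoted message."""
    return len(data) == expected_size and weak_checksum(data) == expected_sum


def multi_source_download(peers: dict, size: int):
    """Assemble a file chunk-by-chunk from several peers in round-robin order.
    Returns the assembled bytes and the peer that served each chunk."""
    names = sorted(peers)
    data = bytearray()
    provenance = []
    for n, offset in enumerate(range(0, size, CHUNK)):
        peer = names[n % len(names)]
        data += peers[peer][offset:offset + CHUNK]
        provenance.append(peer)
    return bytes(data), provenance


def verify_download(data: bytes, provenance: list, manifest: dict) -> dict:
    """Check size, whole-file hash and every chunk against a manifest; report
    which chunks failed and which peers served them."""
    bad = [i for i, h in enumerate(manifest["chunks"])
           if strong_hash(data[i * CHUNK:(i + 1) * CHUNK]) != h]
    ok = (len(data) == manifest["size"]
          and strong_hash(data) == manifest["sha256"]
          and not bad)
    return {"ok": ok, "bad_chunks": bad, "bad_peers": sorted({provenance[i] for i in bad})}


# One colluding peer among three (constructed scenario).
PEERS = {"peer-A": TAMPERED, "peer-B": GENUINE, "peer-C": GENUINE}


def demo():
    assembled, prov = multi_source_download(PEERS, len(GENUINE))
    # 1. Size + additive checksum: passes even though the file is not genuine.
    weak_ok = size_and_weak_check(assembled, len(GENUINE), weak_checksum(GENUINE))
    # 2. Trusted out-of-band manifest: fails and pinpoints the bad chunks/peer.
    trusted = verify_download(assembled, prov, TRUSTED_MANIFEST)
    # 3. Manifest fetched over the attacker-controlled channel: the attacker
    #    simply supplies hashes of its own file, and verification passes.
    mitm = verify_download(assembled, prov, make_manifest(TAMPERED))
    return weak_ok, trusted, mitm


if __name__ == "__main__":
    weak_ok, trusted, mitm = demo()
    print("size+weak checksum accepts tampered file:", weak_ok)
    print("trusted manifest result:", trusted)
    print("manifest from same channel as download:", mitm)
```

Run it and the three results line up with the thread: the size-plus-additive-checksum test accepts the assembled file, the out-of-band manifest rejects it and names peer-A as the source of both bad chunks, and a manifest pulled through the same path as the download accepts it, which is why the reference fingerprint has to be confirmed over a channel the downloader independently trusts.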