Vulnerability Development mailing list archives

Re: Infecting the KaZaA network? (moving here thread from 'traq)


From: Valdis.Kletnieks () vt edu
Date: Thu, 14 Feb 2002 11:31:03 -0500

On Wed, 13 Feb 2002 19:52:33 EST, you said:
> Correct me if I'm wrong, but isn't it the *client* that verifies the
> final MD5 of the assembled file?

Correct, but it needs something to compare it to..

> In order for a MITM attack to be successful, the initial download of the
> stub from kazaa must be trojaned.  This is done from the kazaa website

Also correct.  Notice however that if the initial stub is compromised,
it's "game over".  The kazaa scheme *is* certainly much more secure than
not doing anything at all, and *does* close down most of the vulnerabilities
quite nicely - but it *is* still vulnerable to a number of fairly obvious
attacks.

> Trusting downloaded software is a difficult proposition.  The MS code
> signing key debacle showed that even a trusted third party has "oops"es
> and undoubtedly is vulnerable to arm-twisting by <insert three-letter
> agency here>.

Also correct, and my point - simply saying "it *must* be safe because it
made some attempt to protect itself" has its own vulnerabilities, and that
there needs to be an out-of-band way to verify what's going on.

I don't mind if people say "OK, kazaa's scheme is secure enough for
me, my threat model doesn't include the sort of subterfuge required".
It's just the implication that since kazaa does X, Y, and Z, that the
download is guaranteed safe.

Remember - just because Larry Ellison says Oracle is "unbreakable",
doesn't mean it is so.  ;)

-- 
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech
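The point of the exchange above is that a hash delivered over the same channel as the download only protects against tampering of the file, not of the reference value itself. The following is an added illustration, not code from the thread or from Kazaa; the "stub" format, chunk data and the out-of-band "pinned" hash are constructed assumptions that model the scheme as the post describes it. It walks through the three cases the post implies: an honest download, a file tampered in transit while the stub is genuine, and the "game over" case where the stub carrying the MD5 was itself replaced, which only an independently obtained reference detects.

```python
import hashlib
import hmac

# Constructed sample payload, split into chunks the way a P2P client assembles a file.
GENUINE_CHUNKS = [b"installer-part-1:", b"installer-part-2:", b"installer-part-3"]
# Same file with one chunk replaced (constructed, stands in for a trojaned download).
TROJANED_CHUNKS = [b"installer-part-1:", b"replaced-part-2:", b"installer-part-3"]


def md5_of(chunks):
    """MD5 over the assembled file, computed incrementally chunk by chunk."""
    h = hashlib.md5()
    for chunk in chunks:
        h.update(chunk)
    return h.hexdigest()


def make_stub(chunks):
    """Model of the 'stub' the client fetches first (assumed format, not Kazaa's real one).

    It carries the MD5 the client will later compare the assembled file against.
    Whoever controls the stub's delivery channel controls this reference value.
    """
    return {"expected_md5": md5_of(chunks)}


def client_verify(stub, chunks):
    """What the client does on its own: hash the assembled file and compare to the stub."""
    return hmac.compare_digest(md5_of(chunks), stub["expected_md5"])


def verify_out_of_band(pinned_md5, chunks):
    """Check against a reference obtained through an independent channel.

    `pinned_md5` is assumed to have been recorded from a source the download
    path cannot alter (a value published elsewhere, a signed reference, etc.).
    """
    return hmac.compare_digest(md5_of(chunks), pinned_md5)


def scenarios():
    """Return (client_check, out_of_band_check) for each case the thread discusses."""
    genuine_stub = make_stub(GENUINE_CHUNKS)
    # Independent reference hash, assumed to have been captured out-of-band beforehand.
    pinned = md5_of(GENUINE_CHUNKS)
    # Attacker replaced the stub so its MD5 matches the trojaned file.
    tampered_stub = make_stub(TROJANED_CHUNKS)

    return {
        # Honest download: both checks agree.
        "honest": (
            client_verify(genuine_stub, GENUINE_CHUNKS),
            verify_out_of_band(pinned, GENUINE_CHUNKS),
        ),
        # Only the file was altered in transit: the in-band MD5 catches it.
        "file_only_tampered": (
            client_verify(genuine_stub, TROJANED_CHUNKS),
            verify_out_of_band(pinned, TROJANED_CHUNKS),
        ),
        # Stub and file both replaced: the client's own check passes; only the
        # out-of-band reference reveals the substitution.
        "stub_and_file_tampered": (
            client_verify(tampered_stub, TROJANED_CHUNKS),
            verify_out_of_band(pinned, TROJANED_CHUNKS),
        ),
    }


if __name__ == "__main__":
    for name, (client_ok, oob_ok) in scenarios().items():
        print(f"{name:24s} client_check={client_ok!s:5s} out_of_band_check={oob_ok}")
```

Running it prints `True/True`, `False/False` and `True/False` for the three cases; the last line is the situation the post calls "game over", and it is exactly the gap that an out-of-band reference (or a signature whose verification key did not arrive over the same path) closes.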
