Correct me if I'm wrong, but isn't it the *client* that verifies the final MD5 of the assembled file? In order for a MITM attack to be successful, the initial download of the stub from kazaa must be trojaned. This is done from the kazaa website (or CNET download.com). Later on, once Kazaa is fully installed, and you are downloading executables, then it's a different story. While this may in fact be possible (as the cited post about the FBI and Magic Lantern suggests), this is no longer a Kazaa-specific vulnerability, but instead the same generic issue we face with any downloaded executable. This was obviously brought to the forefront by the imporperly issued Microsoft code signing key that issued in error some time ago. Trusting downloaded software is a difficult proposition. The MS code signing key debacle showed that even a trusted third party has "oops"es and undoubtedly is vulnerable to arm-twisting by <insert three-letter agency here>. Cheers, Ben > -----Original Message----- > From: Valdis.Kletnieksat_private [mailto:Valdis.Kletnieksat_private] > Sent: Wednesday, February 13, 2002 11:30 AM > To: vuln-devat_private > Subject: Re: Infecting the KaZaA network? (moving here thread > from 'traq) > > > On Tue, 12 Feb 2002 17:48:13 EST, Shoten <shotenat_private> said: > > > Not to mention that in this case, the file with the same checksum > > would have to be EXACTLY the same size as the KaZaA > executable, AND be > > a functional virus on top of that. And even if you got all that, > > you'd have to worry about it getting mixed with a valid > client during > > download from multiple sources. For those who think this > is possible, > > go ahead and try...good luck > > This is all assuming, of course, that you have reason to > trust the original size and checksum, and that you have > reasonable assurance that you *are* in fact downloading from > multiple sources, at least one of which is not in collusion. > > How do you know that you aren't the victim of a > man-in-the-middle attack on your download? Before you say > "That can't be", go read this: > http://www.securityfocus.com/archive/1/245693 Hint: That's why the PGP documentation suggests key signing parties and verifying the footprint *over the phone*. -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
This archive was generated by hypermail 2b30 : Wed Feb 13 2002 - 20:27:07 PST