On Mon, 2002-10-14 at 15:59, Dan Kaminsky wrote: > Dave Aitel wrote: > > >On Mon, 2002-10-14 at 14:40, Dan Kaminsky wrote: > > > > > > > >>> > >>> > >>> > >>> > >>For remotely computed data / hashes, you can't -- thus the folly of > >>trusting MD5 hashes on critical files downloaded off of untrusted > >>servers. If somebody can modify the tarball, they can probably modify > >>the hash too. > >> > >> > > > >Well, not always, if there is a semi-trusted third party or two - see > >http://www.immunitysec.com/hashdb.html for one implementation of this > >sort of thing. > > > > > > > Cool stuff there! Maybe host the DB over DNS or something trivial. > hash.filename.immunitysec.com :-) > > Incidentally, Bitzi was/is trying to do something like your stuff for > arbitrary data -- they didn't care what(P2P), they just hosted the > translation between hash to content. Genuinely cool crypto, using > Merkle's old Hash Tree concept. > > The great thing about hash trees is that you don't need the entire file > to find out you're being fed bad data. > > I believe Bitzi opened their code, too: www.bitzi.com. > > --Dan > Cool. I'd go look at that, but 10000 people are currently grabbing SPIKE Proxy or SPIKE looking for that IIS DoS, which means my network connection is swamped. I squeeze my e-mail through, though. :> Any solution to this problem would be good - be it mine, or something else. I'm really tired of hearing about opensource.tar.gz getting trojaned. If Ximian, Freshmeat.net, Akamai or something would host a HashDB server, we could be done with that stuff once and for all. As it is, you're only protected for files that I have bothered to go out and grab, or validated off of announcements. -- Dave Aitel <daveat_private> Immunity, Inc
This archive was generated by hypermail 2b30 : Mon Oct 14 2002 - 13:05:17 PDT