> From: Tom Metro [mailto:tmetro-blu-5a1Jt6qxUNc at public.gmane.org]
>
> I think the attack vector would be along the lines of an attacker
> identifying one or more blocks of a privileged executable, creating
> replacement blocks that have both malicious code and cause a hash
> collision. They write the blocks to disk, and after the executable
> restarts, they have control.

Yup, interesting. It would be pretty difficult, however, because (a) identifying such an exploitable collision is so difficult, and (b) whichever data got written to disk first would be the copy that "wins."

Meaning - The attacker could not look at an existing filesystem and then try to corrupt something that already exists. They would have to predict that an admin is going to install something, find the corrupted version of something, get the corrupted version onto disk first, and then get the admin to create what they think is a non-corrupted thing. Difficult, but certainly not impossible if verification is disabled.
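
The first-write-wins behaviour discussed in this message, as an added example that is not part of the original post: a toy deduplicating block store showing what the later writer reads back with verification off and on. `DedupStore`, `checksum`, `colliding_block` and `admin_reads_genuine` are hypothetical names, and the checksum is deliberately cut to 8 bits so that a colliding block can be constructed at all.

```python
import hashlib
from itertools import count

def checksum(block: bytes) -> bytes:
    # Constructed weakness: SHA-256 cut to 8 bits so a colliding block
    # turns up within a few hundred tries. Real stores keep the full digest.
    return hashlib.sha256(block).digest()[:1]

class DedupStore:
    """Toy deduplicating block store (hypothetical, not any real filesystem)."""

    def __init__(self, verify: bool):
        self.verify = verify
        self.table = {}  # checksum -> list of distinct blocks sharing it

    def write(self, block: bytes):
        key = checksum(block)
        bucket = self.table.setdefault(key, [])
        if not bucket:
            bucket.append(block)          # first writer under this checksum
        elif not self.verify:
            return (key, 0)               # checksum trusted, new bytes dropped
        elif block not in bucket:
            bucket.append(block)          # byte compare caught a collision
        return (key, bucket.index(block))

    def read(self, ref):
        key, idx = ref
        return self.table[key][idx]

def colliding_block(target: bytes, prefix: bytes) -> bytes:
    # Search constructed candidates until one shares the target's checksum.
    for n in count():
        candidate = prefix + str(n).encode()
        if candidate != target and checksum(candidate) == checksum(target):
            return candidate

def admin_reads_genuine(verify: bool, planted_first: bool) -> bool:
    genuine = b"genuine block of an installed program"   # constructed sample
    planted = colliding_block(genuine, b"planted block #")
    store = DedupStore(verify)
    if planted_first:
        store.write(planted)
        ref = store.write(genuine)
    else:
        ref = store.write(genuine)
        store.write(planted)
    return store.read(ref) == genuine
```

Only the combination of verification off and the planted block arriving first returns the wrong bytes; with the genuine block already stored, or with the byte-for-byte compare enabled, the later writer reads back what it wrote.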