On Wed 24 Feb 2016 at 10:58:56 (+0100), Nicolas George wrote:
> On quintidi 5 ventôse, year CCXXIV, David Wright wrote:
> > Well, md5 beats md4
>
> There is something wrong in your library.
Thanks for your misplaced confidence in me. It was my timing
that wasn't rigorous enough.
Cheers,
David.
Hi,
Henrique de Moraes Holschuh wrote:
> MD5 alone can be somewhat dangerous even in benevolent environments: if the
> data sets are large enough or you are just unlucky,
The size of the data set does not matter much.
As already stated, there is the Pigeonhole Principle, which tells
us that a 1
On 02/25/2016 03:07 PM, Stefan Monnier wrote:
>> MD5 alone can be somewhat dangerous even in benevolent environments: if the
>> data sets are large enough or you are just unlucky, you are going to hit a
>> collision and corrupt-or-lose-data-on-dedup sooner or later.
>
> [G]it doesn't seem worried a
>> MD5 alone can be somewhat dangerous even in benevolent environments: if the
>> data sets are large enough or you are just unlucky, you are going to hit a
>> collision and corrupt-or-lose-data-on-dedup sooner or later.
> it doesn't seem worried about this. Admittedly, they use sha1 rather
^
G
> MD5 alone can be somewhat dangerous even in benevolent environments: if the
> data sets are large enough or you are just unlucky, you are going to hit a
> collision and corrupt-or-lose-data-on-dedup sooner or later.
it doesn't seem worried about this. Admittedly, they use sha1 rather
than md5, s
On Tue, 23 Feb 2016, David Wright wrote:
> 1) I do what fdupes does, ie identify files (in a benevolent
>environment) using the MD5 signature to detect duplicate
>contents.
MD5 alone can be somewhat dangerous even in benevolent environments: if the
data sets are large enough or you are jus
On 23/02/16 05:50, Thomas Schmitt wrote:
> But my curiosity is about whether i indirectly helped the hackers.
Technology is just that, technology. With the exception of land mines,
it mostly is neither good nor bad itself, it's how it's used, and many
tools can be used for both.
Software is no d
On 02/24/2016 01:48 PM, Nicolas George wrote:
> On sextidi 6 ventôse, year CCXXIV, Christian Seiler wrote:
>> Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a
>> digital signature.
>
> Please stop commenting the finger when I try to show you the moon.
The problem is that you w
On Thu, Feb 25, 2016 at 12:18:40AM +1100, Andrew McGlashan wrote:
> https://en.wikipedia.org/wiki/Mega_%28service%29
>
> "In July 2015, Dotcom said he doesn't trust Mega service in a Q&A
> session with tech website Slashdot, claims the company had "suffered
> from a hostile takeover by a Chinese i
On 24/02/2016 11:47 PM, Thomas Schmitt wrote:
> I wrote:
>>> ... google ... Kim Schmitz ... rofl ... i am not that curious.
>
> Andrew McGlashan wrote:
>> Actually he doesn't run mega.nz any longer and he has said that he
>> wouldn't trust the site now due to current ownership
>
> Now is this
On Wed, Feb 24, 2016 at 01:47:57PM +0100, Thomas Schmitt wrote:
> Hi,
[...]
> A large file emerges in ~/Desktop. (I am wearing my garlic necklace now,
> spraying holy water, and looking up witch signs in the Malleus Maleficarum.)
A nice and entertain
On sextidi 6 ventôse, year CCXXIV, Christian Seiler wrote:
> Yes, I know what an HMAC is. But an HMAC is _utterly_ useless for a
> digital signature.
Please stop commenting the finger when I try to show you the moon.
I was not saying that HMAC are useful for digital signatures, I was giving
anot
Hi,
an interesting detail in advance:
It does not boot from USB stick. Too dumb for that.
From DVD it boots only via BIOS or EFI BIOS emulation, not via
generic EFI.
I wrote:
> > ... google ... Kim Schmitz ... rofl ... i am not that curious.
Andrew McGlashan wrote:
> Actually he doesn't run m
>> So a valid way to construct an OpenPGP v4 signature would be to
>> use
>>
>> H(contents || 0x04 0x00 0x01 0x08 0x00 0x00)
>>
>> as the input for the RSA algorithm (and then pack that up in a
>> nice OpenPGP packet).
>
> I did not have the reference of what OpenPGP does near at hand, I was more
On 24/02/16 22:50, Nicolas George wrote:
> On sextidi 6 ventôse, year CCXXIV, Richard Hector wrote:
>> Fair enough. Got a link to someone else's explanation?
>
> Sorry, I do not. But I gave a rather lengthy explanation myself in
> the part you trimmed.
Oh, ok. I assumed from your comment about n
On quintidi 5 ventôse, year CCXXIV, David Wright wrote:
> Well, md5 beats md4
There is something wrong in your library.
Regards,
--
Nicolas George
On quintidi 5 ventôse, year CCXXIV, Christian Seiler wrote:
> But if you say what Debian is doing is a mistake, then this _is_ what
> you are talking about.
I am quite sure of what I am talking about and what I am not talking about.
> This is decisively not true when we are talking about signing
On sextidi 6 ventôse, year CCXXIV, Richard Hector wrote:
> Fair enough. Got a link to someone else's explanation?
Sorry, I do not. But I gave a rather lengthy explanation myself in the part
you trimmed.
Regards,
--
Nicolas George
On 24/02/16 07:52, Nicolas George wrote:
> On quintidi 5 ventôse, year CCXXIV, Christian Seiler wrote:
>> > You have _emphasized_ it, but you haven't _explained_ it, nor provided
>> > any search term one could use to look up an explanation for it.
> Explaining takes time, I do not want to do it if
On 23/02/2016 10:02 PM, Thomas Schmitt wrote:
> Hi,
>
> Nicolas George wrote:
>> Of course, that does not mean MD5 and SHA-1 should be used nowadays. New
>> theoretical attacks are found, keeping using hashes with known weaknesses is
>> stupid.
>
> The ISO checksums are provided more for transp
On 23/02/2016 9:50 AM, Thomas Schmitt wrote:
> Hi,
>
> Sven Hartge wrote:
>> You cannot wget a mega.nz URL. You have to use a Javascript-enabled
>> Browser to get the file.
>
> Shall i really enable insecure Javascript to download a malicious ISO ?
>
> ... google ... Kim Schmitz ... rofl ... i
On Tue 23 Feb 2016 at 16:58:38 (+0100), Nicolas George wrote:
> On quintidi 5 ventôse, year CCXXIV, David Wright wrote:
> > 1) I do what fdupes does, ie identify files (in a benevolent
> >environment) using the MD5 signature to detect duplicate
> >contents.
>
> You did not specify the ave
On 02/23/2016 07:52 PM, Nicolas George wrote:
> What you quote is about signing a summary of files at once versus signing
> each file individually. This is not what I was talking about. What I was
> talking about was signing the file contents itself versus signing the hash
> of the file.
But if yo
On quintidi 5 ventôse, year CCXXIV, Christian Seiler wrote:
> You have _emphasized_ it, but you haven't _explained_ it, nor provided
> any search term one could use to look up an explanation for it.
Explaining takes time, I do not want to do it if nobody will read it.
> Why is what Debian does a
On 02/23/2016 04:49 PM, Nicolas George wrote:
> On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
>> If the SHA512SUMS.sign
>
> Stop right there. Signing a bunch of hashes is a beginner's mistake, I have
> already emphasized that in this thread.
You have _emphasized_ it, but you haven't
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
> You have unsurpassable objections against variants which might not
> much weaken the strength of PGP ?
> Not even willing to consider the constraints of such variants ?
I have no idea what you are trying to express.
> Despite leading de
> The collisions are not known, and very unlikely, but "absolute" means
> absolute, not "very likely".
from the way you stated:
> These are all cryptographic hash functions: too strong for a preliminary
> test, insufficient for absolute certainty.
I understood you suggest there is a relevant leve
On quintidi 5 ventôse, year CCXXIV, arian wrote:
> where do you get that these are "insufficient for absolute certainty"?
> (beside maybe md4)
> there are no known collisions in sha1 and better, and even md4's preimage
> attack has complexity 2^102. [1,2]
There are collisions for SHA1 as soon as
Hi,
Nicolas George wrote:
> Signing a bunch of hashes is a beginner's mistake,
You have unsurpassable objections against variants which might not
much weaken the strength of PGP ?
Not even willing to consider the constraints of such variants ?
I assume this was discussed among DDs and they weigh
> and even md4's preimage attack has complexity 2^102. [1,2]
sorry, forgot the quotes:
[1] https://en.wikipedia.org/wiki/Preimage_attack
[2] https://en.wikipedia.org/wiki/MD4#Security
> These are all cryptographic hash functions: too strong for a preliminary
> test, insufficient for absolute certainty.
where do you get that these are "insufficient for absolute certainty"? (beside
maybe md4)
there are no known collisions in sha1 and better, and even md4's preimage
attack has
On quintidi 5 ventôse, year CCXXIV, Seeker wrote:
> If you take security out of the equation, simple true or false.
>
> 1. A corrupted download is better able to be detected when using MD5 than it
> is with CRC32.
>
> 2. A corrupted download is better able to be detected when using SHA than it
>
On 2/23/2016 3:08 AM, Nicolas George wrote:
> On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
>> The ISO checksums are provided more for transport verification than
>> for the fight against intentional manipulation.
> If that were true, CRC32 would be enough.
Is that a 'Law of averages' t
On quintidi 5 ventôse, year CCXXIV, David Wright wrote:
> 1) I do what fdupes does, ie identify files (in a benevolent
>environment) using the MD5 signature to detect duplicate
>contents.
You did not specify the average size of files nor how sure you want to be.
If the files are large, I
On Tue 23 Feb 2016 at 16:04:37 (+0100), Nicolas George wrote:
> On quintidi 5 ventôse, year CCXXIV, David Wright wrote:
> > Any faster ones that you recommend from the lists below? (I've rolled
> > my own implementation of fdupes (which uses MD5) in python.)
>
> Nobody can recommend anything with
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
> Only as far as use cases for Debian ISO image hashes are concerned.
> No hash collisions among all Debian ISOs (or better all ISOs in the
> world) is a valuable property.
??? I have no idea what you are talking about.
> If the SHA512SUMS
Hi,
Nicolas George wrote:
> > You are changing the terms of the problem at each message,
Only as far as use cases for Debian ISO image hashes are concerned.
No hash collisions among all Debian ISOs (or better all ISOs in the
world) is a valuable property.
i wrote:
> > > I could imagine that PGP
On quintidi 5 ventôse, year CCXXIV, David Wright wrote:
> Any faster ones that you recommend from the lists below? (I've rolled
> my own implementation of fdupes (which uses MD5) in python.)
Nobody can recommend anything without knowing the intended use.
Regards,
--
Nicolas George
On Tue 23 Feb 2016 at 13:15:38 (+0100), Nicolas George wrote:
> On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
> > i wrote:
> > > > The ISO checksums are provided more for transport verification than
> > > > for the fight against intentional manipulation.
>
> > Nicolas George wrote:
>
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
> i have to revoke some of my criticism towards Debian's signed
> hash value lists.
> Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of
> uniqueness (assumed that they have no systematic correlations).
This is irrelevant.
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
> i wrote:
> > > The ISO checksums are provided more for transport verification than
> > > for the fight against intentional manipulation.
> Nicolas George wrote:
> > If that were true, CRC32 would be enough.
> For detecting most glitches
Hi,
i wrote:
> > The ISO checksums are provided more for transport verification than
> > for the fight against intentional manipulation.
Nicolas George wrote:
> If that were true, CRC32 would be enough.
For detecting most glitches, yes.
But not if we want to use it for identifying files in benev
On Tue, Feb 23, 2016 at 12:02:50PM +0100, Thomas Schmitt wrote:
> Hi,
>
> Nicolas George wrote:
> > Of course, that does not mean MD5 and SHA-1 should be used nowadays. New
> > theoretical attacks are found, keeping using hashes with known weaknesses is
> > stupid.
>
> The ISO checksums are provi
Hi,
i have to revoke some of my criticism towards Debian's signed
hash value lists.
Together, MD5, SHA1, SHA256, and SHA512 provide up to 132 bytes of
uniqueness (assumed that they have no systematic correlations).
I could imagine that PGP is easier to surpass than that.
Well, according to wikipe
On quintidi 5 ventôse, year CCXXIV, Thomas Schmitt wrote:
> The ISO checksums are provided more for transport verification than
> for the fight against intentional manipulation.
If that were true, CRC32 would be enough.
> Signing the hash lists by PGP still seems a bit weak as protection.
Signi
On 23/02/2016 12:02, Thomas Schmitt wrote:
> Most important seems a permanent supervision of the web site content
> from not publicly known client machines.
If I followed this right, there was a redirect to an external site. How
can this be possible?
HTML links are the first thing spam uses
Hi,
Nicolas George wrote:
> Of course, that does not mean MD5 and SHA-1 should be used nowadays. New
> theoretical attacks are found, keeping using hashes with known weaknesses is
> stupid.
The ISO checksums are provided more for transport verification than
for the fight against intentional mainp
Hi,
Darac Marjal wrote:
> It's difficult to provide a malicious ISO with the same MD5 as another, but
> not impossible. You can just append a certain amount of junk data until the
> hashes match.
Or you manipulate a dedicated byte array in your evil add-on. This
would avoid suspicious size change
On quintidi 5 ventôse, year CCXXIV, Darac Marjal wrote:
> It's difficult to provide a malicious ISO with the same MD5 as another, but
> not impossible. You can just append a certain amount of junk data until the
> hashes match. Similarly, you CAN do the same with SHA-1 (hash collisions ARE
> possi
On Tue, Feb 23, 2016 at 09:39:24AM +0800, Gener Badenas wrote:
On Tue, Feb 23, 2016 at 3:23 AM, Thomas Schmitt <scdbac...@gmx.net> wrote:
Hi,
> http://thehackernews.com/2016/02/linux-mint-hack.html
A virus of 1.5 GiB size.
Does anybody know a download URL for such an infec
Hi,
Gener Badenas wrote:
> Will people downloading the Linux Mint from torrent be affected?
http://blog.linuxmint.com/?p=2994
"Does this affect you?
As far as we know, the only compromised edition was Linux Mint 17.3 Cinnamon
edition.
If you downloaded another release or another edition, this d
> On Feb 22, 2016, at 6:39 PM, Gener Badenas
> wrote:
>
> Will people downloading the Linux Mint from torrent be affected?
Don't think so.
Google (or DuckDuckGo) for 'linux mint hacked' and you'll get lots of info with
no "Click Here" buttons.
One I found that way said torrent downloads
On Tue, Feb 23, 2016 at 3:23 AM, Thomas Schmitt wrote:
> Hi,
>
> > http://thehackernews.com/2016/02/linux-mint-hack.html
>
> A virus of 1.5 GiB size.
>
> Does anybody know a download URL for such an infected ISO image ?
> (I am curious whether they used my software or mkisofs or something
> unusu
Hi,
Sven Hartge wrote:
> You cannot wget a mega.nz URL. You have to use a Javascript-enabled
> Browser to get the file.
Shall i really enable insecure Javascript to download a malicious ISO ?
... google ... Kim Schmitz ... rofl ... i am not that curious.
Have a nice day :)
Thomas
Thomas Schmitt wrote:
> Dalios wrote:
>> https://mega.nz/#!QwY1EZKJ!GW1gLzXaOUo8sNGF-zddRLwgsfamZy7C5u0CARjaUs0
> Only wgets a small index.html file:
> meta name="description" content="MEGA provides free cloud storage with
> convenient and powerful always-on privacy. Claim your free 50GB now!
Hi,
Dalios wrote:
> https://mega.nz/#!QwY1EZKJ!GW1gLzXaOUo8sNGF-zddRLwgsfamZy7C5u0CARjaUs0
Only wgets a small index.html file:
meta name="description" content="MEGA provides free cloud storage with
convenient and powerful always-on privacy. Claim your free 50GB now!"
Probably spam, i fear.
>
On 02/22/2016 09:23 PM, Thomas Schmitt wrote:
> Does anybody know a download URL for such an infected ISO image ?
> (I am curious whether they used my software or mkisofs or something
> unusual.)
Here you go:
https://mega.nz/#!QwY1EZKJ!GW1gLzXaOUo8sNGF-zddRLwgsfamZy7C5u0CARjaUs0
Have in mind t
On Mon, 22 Feb 2016 20:50:55 +0100
"Thomas Schmitt" wrote:
>Hi,
>
>> Cannot say more, but the article is rather detailed.
>
>It tells a lot about the hack and the Mint people are bravely answering
>questions.
>But my curiosity is about whether i in
Hi,
> Cannot say more, but the article is rather detailed.
It tells a lot about the hack and the Mint people are bravely answering
questions.
But my curiosity is about whether i indirectly helped the hackers.
I cannot prevent such misuse of xorriso, neither practically nor legally.
The GPL does
The article indicates that hackers redirected the download link for one
edition of mint to an ftp site with their infected iso image.
Cannot say more, but the article is rather detailed.
Kare
On Mon, 22 Feb 2016, Thomas Schmitt wrote:
Hi,
http://thehackernews.com/2016/02/linux-mint-hack.ht
Hi,
> http://thehackernews.com/2016/02/linux-mint-hack.html
A virus of 1.5 GiB size.
Does anybody know a download URL for such an infected ISO image ?
(I am curious whether they used my software or mkisofs or something
unusual.)
Have a nice day :)
Thomas
61 matches