[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PREVIEW: bsign embeds hash and/or digital signature in ELF files



> 
> --tjCHc7DPkfUGtrlw
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: quoted-printable
> 
> On Mon, Dec 14, 1998 at 12:40:46AM +0100, Wichert Akkerman wrote:
> <snip>
> > This sounds like a very usefull tool which can be used as an alternative
> > to tripwire.
> 
> Erm, if someone has access to change the binarys then it is no problem
> to also change the signature in said binarys..

OK, What am I missing here...  To me, the above sentence is nonsense.

I see the situation as analogous to virtually any digital signature 
situation:  email, Debian packages, etc.  In order for someone to 
modify the signed element surrupticiously, they would have to have 
write access to the object being signed, and access to the private key 
of the signatory.

If this isn't the case, then signed email is worthless, since many 
people can (and to a limited extent, do) write to and modify the 
message in transit.

So if I have a binary with an embedded signature on my machine, and Mr. 
Black Hat gets full write access to it, he can a) get caught, b) resign 
it himself, or c) discover that the system is really security weak by 
finding the appropriate private keys available on the system.

Since -several- people have said that tripwire is superior because it 
has detached certificates which can be stored offline, I must be 
missing something.


-- 
     Buddha Buck                      bmbuck@acsu.buffalo.edu
"Just as the strength of the Internet is chaos, so the strength of our
liberty depends upon the chaos and cacaphony of the unfettered speech
the First Amendment protects."  -- A.L.A. v. U.S. Dept. of Justice


Reply to: