Re: Study: Attacks on package managers (inclusing apt)

To: Goswin von Brederlow <goswin-v-b@web.de>
Cc: Micah Anderson <micah@riseup.net>, debian-security@lists.debian.org
Subject: Re: Study: Attacks on package managers (inclusing apt)
From: Goswin von Brederlow <goswin-v-b@web.de>
Date: Fri, 18 Jul 2008 21:56:45 +0200
Message-id: <877ibj9daa.fsf@frosties.localdomain>
In-reply-to: <20080718131009.GO2712@mathom.us> (Michael Stone's message of "Fri, 18 Jul 2008 09:10:11 -0400")
References: <1216306014.31418.6.camel@localhost> <20080717150835.GJ2712@mathom.us> <20080717153012.GT17993@pond.riseup.net> <20080717210641.GM2712@mathom.us> <874p6nphk8.fsf@frosties.localdomain> <20080718131009.GO2712@mathom.us>

Michael Stone <mstone@debian.org> writes:

> On Fri, Jul 18, 2008 at 01:17:43PM +0200, Goswin von Brederlow wrote:
>>Or just one DNS server or even just the users client.
>
> You'd also have to keep the DNS server wrong. Doing this in a manner
> that people don't notice is (IMO) hard, because people do go looking
> for particular security updates. And if the client is already
> compromised, who cares about whether the update mechanism has
> theoretical issues?
>
> Mike Stone

See the latest DNS vulnerability about how you can compromise a clients
DNS without having to hack a DNS server.

Only way people notice a spoofed dns reply is when they saw a security
update being announced and apt-get won't get it. Not everybody does,
some people just run apt get and trust it to work.

MfG
        Goswin

Reply to:

Follow-Ups:
- Re: Study: Attacks on package managers (inclusing apt)
  - From: Michael Stone <mstone@debian.org>

References:
- Study: Attacks on package managers (inclusing apt)
  - From: Daniel Leidert <daniel.leidert.spam@gmx.net>
- Re: Study: Attacks on package managers (inclusing apt)
  - From: Michael Stone <mstone@debian.org>
- Re: Study: Attacks on package managers (inclusing apt)
  - From: Micah Anderson <micah@riseup.net>
- Re: Study: Attacks on package managers (inclusing apt)
  - From: Michael Stone <mstone@debian.org>
- Re: Study: Attacks on package managers (inclusing apt)
  - From: Goswin von Brederlow <goswin-v-b@web.de>
- Re: Study: Attacks on package managers (inclusing apt)
  - From: Michael Stone <mstone@debian.org>

Prev by Date: Re: Study: Attacks on package managers (inclusing apt)
Next by Date: Re: Study: Attacks on package managers (inclusing apt)
Previous by thread: Re: Study: Attacks on package managers (inclusing apt)
Next by thread: Re: Study: Attacks on package managers (inclusing apt)
Index(es):
- Date
- Thread