Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System
Hi,
Darac Marjal wrote:
> It's difficult to provide a malicious ISO with the same MD5 as another, but
> not impossible. You can just append a certain amount of junk data until the
> hashes match.
Or you manipulate a dedicated byte array in your evil add-on. This
would avoid suspicious size changes.
Dirichlet's pidgeon hole principle tells us that in average 16 bytes
will suffice. The design goals of a hash algorithm strive for even
distribution. So the 16 byte might suffice in all cases. Quite surely
they suffice in most cases.
Nevertheless it is not yet feasible by brute force ... i guess.
Other than with MD5 "encrypted" passwords, you cannot simply create
a giant dictionary which would give you a matching input string when
you look up an MD5. Also, the passwords are in most cases shorter
than 16 bytes. So you do not need 2 exp 128 entries in your dictionary
in order to have a good chance to find a matching password.
> Similarly, you CAN do the same with SHA-1.
That would need an array of 20 bytes in average.
(Probably an algorithm would work better if it had more bytes to play
with.)
> *and* you have to keep the length the same *and* the file has to be
> coherent enough to work
These are no substantial obstacles. The only thing you need (and which
is intentionally hard to do) is reverse computation of the hash value.
I.e. find one of the many many many representants of the hash class of
that value with the given length.
Currently i wonder whether they packed up a new ISO or whether they
just patched the content of a binary file in the ISO, which is supposed
to be executed by normal installation or system use.
One could judge by comparing fake with original ISO.
Have a nice day :)
Thomas
Reply to: