[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Is FFSpy a hoax?
- To: Valdis.Kletnieks@xxxxxx
- Subject: Re: [Full-disclosure] Is FFSpy a hoax?
- From: T Biehn <tbiehn@xxxxxxxxx>
- Date: Tue, 2 Jun 2009 01:16:36 -0400
On Mon, Jun 1, 2009 at 11:46 PM, <Valdis.Kletnieks@xxxxxx> wrote:
> On Mon, 01 Jun 2009 23:05:02 EDT, T Biehn said:
>> Consider a defense within the realm of possibility:
>> On install firefox requests that the user enter an identifier. This
>> identifier is presented to the user in the top bar of his browser
>> window. Firefox 'locks' all script files while it is on.
>> Firefox self-encrypts to the one-way-hash of the files.
>> A user will know they have been compromised because the identifier
>> cannot match if firefox.exe has been replaced by another version that
>> supersedes the checks if the identifier is stored as part of the
>> encrypted program stub.
>
> Several problems here:
>
> 1) Self-encrypting to the one-way-hash doesn't solve the problem - an
> attacker can decrypt the stored file, extract the identifier, and then
> save the backdoored file encrypted to the new hash, identifier and all.
> (Hint - this is exactly what you'd have to do on a *legitimate* update
> of an extension...)
>
> 2) And in fact, encrypting to the expected hash value doesn't actually do
> much for you - if I know the expected hash value is 0x349F3D, I can just
> use that to store an encrypted backdoored file whose hash in fact *isn't*
> 0x349F3D. Now, *once retrieved*, you probably should re-check the hash
> of the retrieved file, and make sure it is still 0x349F3D - but at that
> point, the crypting is pointless, as all you care about is the before/after
> hashes of the plaintext. Now finding a secure way to store that "before"
> hash - *that's* the hard part (in general, you can't store it anyplace the
> user can write to, which makes a legitimate update "interesting")
>
> 3) The usual warnings about using a good crypto-strength hash function apply.
> I haven't seen a break for MD5 that allows colliding to a pre-determined hash
> yet. The key word here is "yet". ;)
>
> 4) You'd probably have to decide between having one master identifier which
> would piss off users and break every time Firefox or any extension released a
> patch, or having one identifier per extension, and piss off users who can't
> remember all the identifiers...
>
> 5) A small UI real estate problem - at least on my Linux box, Firefox is
> already using the window titlebar to display the <title> tag from the page.
> I suspect that users still want that behavior, so you need to find a way
> to co-exist with that. But heck, if Firefox Minefield builds can stick
> a build ID onto the titlebar, what's another 10-15 chars? ;)
>
>
>
VK: Did you read the first sentence of my e-mail and then ignore the rest?
Pretty obvious from the above.
-Travis
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/