Thread: Idle fun for net hackers..
View Single Post
  #96   Report Post  
Posted to uk.d-i-y
dennis@home[_3_] dennis@home[_3_] is offline
external usenet poster
  
Posts: 1,357
Default Idle fun for net hackers..


"Rod Speed" wrote in message
...
dennis@home wrote
Rod Speed wrote
dennis@home wrote
Rod Speed wrote

It would be theoretically possible to hide any change if you had the
resources and opportunity. For example if you use hashes to detect
changes then someone could alter the hashes.

Not if they arent on that system they cant.

You can't be sure that what you installed wasn't compromised in the
first place.

You dont have to install anything on the system being checked.

We are talking about real computer systems that are used to do things.

Sure, but its still perfectly possible to completely protect those.

And you can test whether it can detect changes by making your own
changes too.

There are even possible attacks if you compile the C source from
scratch. for example..

Yes, but if that system isnt even on the system being protected...

Which system?

The one checking the hashes.

its possible to build a compiler that puts unwanted stuff into programs
it compiles.

But they have no control over what compiler you use with a common
language.

well you do, but the fact that you don't use that control means you
may well be compromised from the very start and you wouldn't know.

Nope, not with something as simple as using hashes to check what gets
changed.

Nothing does get changed on the system, you are hacked from the start.
The hack is loaded on startup, runs in ram, disappears when you look for it,
reappears on restart, still no changes to your hashes.
Sure if you monitor all the outputs you may find the system is doing
something odd but you reinstall it and the hack is still there and the
hashes are the same.

It is possible to hide these from the source code of the compiler by
recognising the compiler and adding the code to do this when the
compiler is compiled.

But they have no control over what compiler you use with a common
language.

Are you sure it isn't in say the GNU compiler?

Its easy enough to be sure of that.

How?


You can't detect it by reading the source and if you compile the
source with an infect compiler you have an infected compiler.

So you ensure you dont use infected compiler.

How?


Before you say this can't be done, did you use a binary to compile your
last program or did you do it by hand to ensure the above wasn't done?

My last program isnt relevant. What matters is what is used to
compile the system that does the checks. With hashes the code
can be so simple that its quite practical to compile it by hand.

So you don't understand what I said then.

Wrong. There doesnt have to be any compiler involved at all.

You can compile by hand if you are that paranoid.

So now you are required to be paranoid to meet your security claim?


You can reduce the risk of this happening but it will always be 0.

Nope. Its perfectly possible to have a risk of 0.

You also put a chainsaw through your computer then?

Dont need to do that.


Reply With QuoteReply With Quote