[10280] in cryptography@c2.net mail archive
Re: A risk with using MD5 for software package fingerprinting
daemon@ATHENA.MIT.EDU (David Honig)
Sun Jan 27 14:05:53 2002
Message-Id: <3.0.6.32.20020127105355.00838850@mail.orng1.occa.home.com>
Date: Sun, 27 Jan 2002 10:53:55 -0800
To: "Arnold G. Reinhold" <reinhold@world.std.com>,
cryptography@wasabisystems.com
From: David Honig <dahonig@home.com>
In-Reply-To: <v04210103b879cf361c1d@[192.168.0.2]>

At 12:07 PM 1/27/02 -0500, Arnold G. Reinhold wrote:
> if
>an attacker had an agent working inside the organization that
>produced the package, the agent could simply insert the Trojan
>software patch in the original package. However such an insertion is
>very risky. A sophisticated software company would likely have code
>reviews that would make introduction of the Trojan code difficult.

Um, right. A good company would have *design* reviews, but would it really
spend time having skilled engineers review *all* the actual codelines
(given time to market pressure, tedium limits, etc.)? An individual with
write access to their part of a source-control-system is all
you need. Remember, you could buy Aldrich Ames (wife included) or
Hanssen (just him) for under 1.5 mill $USD each. Perhaps certain
core operations are studied with >2 eyeballs, but all you need is
one breach to undermine security.

I would like to learn about *code* review practices in whatever
is considered a 'sophisticated' software company.

Cheers