On Wed, Dec 23, 1998 at 08:54:41AM +1100, Mark Delany wrote:
> I guess I'd have a more sophisticated comparison program. Why not have two
> MD5 checksums - one for the data prior to the modified section of the binary
> and one for after the modified section. Then I'd have a mechanism for
> checking the modified bits. Not a pretty program, but not impossible either
> I'd think.
You're requiring a database of this information be kept somewhere.
Since this information has to be kept for each system as it gets
installed you have to have the database available for reading and
writing somewhere, which means it vulnerable to change, and not
necessarily as secure.
> Heck. Maybe the type of checking program should be tied to each file so that
> you can vary between an MD5 check, a multi-part MD5 check, a diff (why not
> for a text file that is never meant to change - more reliable than MD5) and
> so on.
Sure, text files. If we were talking about text files this whole
discussion would be moot.
Anyway, a large part of the security is greatly augmented, or maybe
only really there, because you can create a secure media that contains
copies, checksums, or something similar to compare against.
> No, I'm not advocating anything, just observing that yes a simplistic MD5
> has a problem, but why does it have to be only a simplistic MD5?
Tell me if you have another method that provides the same or more
advantages.
-Peter
