Security Basics mailing list archives
Re: Instant Messaging hash values
From: Dave Aronson <sfbasics2dave () davearonson com>
Date: Sat, 6 Aug 2005 10:38:27 -0400
"Nick Duda" <nduda () VistaPrint com> wrote:
I'm looking to create a software restriction policy via GPO to prevent different instant messenger services (AIM, MSN, Yahoo, Trillian..etc) from running based on the hash value. Short of gathering all know binaries for each client is there any way to obtain hash codes from past versions anywhere....perhaps a website with a repository of hash values for binaries?
All it would take to get around that, is for someone to compile it themselves. Only if there's absolutely nothing in the binary that depends in any way on the time, or particular machine, or installed libraries detected, etc., will the hashes work out the same. (Barring the occasional coincidental collision of course.) Don't get too hung up on using technology to solve every problem. How about prevention via deterrence: get caught running this stuff and you get, oh, say, something vague like "penalties to be decided in accordance with the severity of the case, ranging from verbal reprimand to immediate termination and, if applicable, required reimbursement of consequential damages" (like if you let in an IM-borne virus)? -Dave
Current thread:
- Instant Messaging hash values Nick Duda (Aug 05)
- Re: Instant Messaging hash values Dave Aronson (Aug 08)
- Re: Instant Messaging hash values Netops (Aug 08)
- Re: Instant Messaging hash values Gaddis, Jeremy L. (Aug 10)
- Re: Instant Messaging hash values David Siles (Aug 15)
- <Possible follow-ups>
- RE: Instant Messaging hash values Nick Duda (Aug 10)
- RE: Instant Messaging hash values Robinson, Sonja (Aug 10)
- Re: Instant Messaging hash values Ayaz Ahmed Khan (Aug 10)
- RE: Instant Messaging hash values David Gillett (Aug 10)
- Re: Instant Messaging hash values NewYork User (Aug 12)
- RE: Instant Messaging hash values Keith Bucher (Aug 12)