Full Disclosure mailing list archives
Re: Re: Case ID 51560370 - Notice of ClaimedInfringement
From: Jason <security () brvenik com>
Date: Fri, 08 Apr 2005 12:50:24 -0400
Valdis.Kletnieks () vt edu wrote:
> On Fri, 08 Apr 2005 12:07:08 EDT, bkfsec said:
> > Craft a file with the same hash, time+date stamp and size, and be sure to include a program and license disclosure for a program that you wrote.
>
> Unfortunately, nobody has a good algorithm for creating a file that has the same MD5 hash as a given existing file. So while I *can* create two files "foo1" and "foo2" that happen to have the same hash (the actual value of which I have no control over), I can't (yet) create a file that has the same MD5 hash as the trailer for the next Star Wars movie...
I think that entirely depends on the format the file is distributed in. You could take a zipfile and pad it in non-critical areas to change the MD5 without creating a substantial difference in the deliverable content. You could do the same with gzip or bzip formatted files. You could also pad any embedded jpeg images to engineer a collision. There are quite a few opportunities where this method could be used to twiddle the new MD5 without materially changing the content.
Here is the case I am thinking about. Software that is ~150M in size, it gets redistributed as a new file that is 160M in size but has a collision with your software which is also 160M in size. I imagine there would be some computational time involved to find the appropriate collision but a lot less computational time than finding a perfect match to the original.
Now everyone must download both files to know for sure that there is a violation, in performing this download they are violating the law themselves. I doubt you would be awarded any royalties as a result of this but it would take all of the meat out of further prosecution efforts since they would have to be able to prove they did not violate the law and in fact downloaded only the correct version.
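An added illustration, not part of the original message: the point above about non-critical areas of zip and gzip containers means a hash of the container bytes says little about the delivered content, so a verifier that cares about content should hash the unpacked data. The payload, member name and function names below are constructed for this example.

```python
import gzip
import hashlib
import io
import zipfile

# Constructed stand-in for the deliverable content.
PAYLOAD = b"constructed sample payload\n" * 64

def make_zip(payload: bytes, comment: bytes = b"") -> bytes:
    """One-member zip; the archive comment does not affect extracted data."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        info = zipfile.ZipInfo("payload.bin", date_time=(2005, 4, 8, 12, 0, 0))
        info.compress_type = zipfile.ZIP_DEFLATED
        zf.writestr(info, payload)
        zf.comment = comment
    return buf.getvalue()

def make_gzip(payload: bytes, mtime: int) -> bytes:
    """gzip stream; the header mtime does not affect decompressed data."""
    return gzip.compress(payload, mtime=mtime)

def container_md5(blob: bytes) -> str:
    """Hash of the file as distributed (what a naive matcher compares)."""
    return hashlib.md5(blob).hexdigest()

def content_sha256(blob: bytes) -> str:
    """Hash of the delivered content, independent of container metadata."""
    h = hashlib.sha256()
    if blob[:2] == b"\x1f\x8b":                      # gzip magic bytes
        h.update(gzip.decompress(blob))
    elif zipfile.is_zipfile(io.BytesIO(blob)):
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for name in sorted(zf.namelist()):       # stable member order
                h.update(name.encode() + b"\0")
                h.update(zf.read(name))
    else:
        h.update(blob)                               # not a known container
    return h.hexdigest()

def compare(a: bytes, b: bytes) -> dict:
    """Report whether two files match as containers and as content."""
    return {
        "same_container_md5": container_md5(a) == container_md5(b),
        "same_content": content_sha256(a) == content_sha256(b),
    }

if __name__ == "__main__":
    print(compare(make_zip(PAYLOAD), make_zip(PAYLOAD, b"padding" * 100)))
    print(compare(make_gzip(PAYLOAD, 1), make_gzip(PAYLOAD, 2)))
```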