Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Case ID 51560370 - Notice of Claimed Infringement

From: bkfsec <bkfsec () sdf lonestar org>
Date: Fri, 08 Apr 2005 11:30:40 -0400
Thierry Zoller wrote:


RP> Otherwise, it is _possible_ to have a chunk with the same fingerprint and
RP> make it appear that you have said chunk of their iso.
That's *AFAIK* not possible, if this would be true the edonckey/emule
protocol would have a big design flaw and poeple couldn't even trade
millions of files every day, some (most?) downloads would be corrutped
as they could  have potentialy downloaded a wrong chunk which in fact
is from another file.
Of course it's possible. All hashes, by their very nature, have collisions. The only way to have a truly unique identifier is to use the actual content of the file (or chunk) itself. The minute you distill the content down to a hash, you're guaranteeing that collisions will occur.
They are, however, somewhat rare. That's why the system works as relatively well as it does.
Regarding corrupt files via P2P protocols... no file transfered via P2P has _ever_ tranferred bad data and wound up corrupt, right? :) /friendly sarcasm. 

            -Barry


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: