R: R: [gst-devel] Create a secure level
Benjamin Otte
in7y118 at public.uni-hamburg.de
Wed May 4 06:12:22 CEST 2005
You do know that everyone has the source code to GStreamer and is able to
circumvent such useless parity checks with a recompile?
Or by downloading a recompiled version from the web?
Benjamin
On Tue, 3 May 2005, Domenico Pontari wrote:
> Thomas, you are right.
>
> Usually in telecommunication protocols such as TCP, we use 8 parity bits to verify that the information from the source is the same at the destination: for example, you can sum all ciphers (without the last 8 bits) of a TCP packet, obtaining 8 bits, and check if these 8 bits are the same as the last 8. This is what I mean by parity check.
>
> But you can also use this method with files: you can open any file and sum all symbols, obtaining 8 bits, a hash of the program. You can write for the jump to bad boy (the conditional statement that verifies if you have the password for the program or if you have the right CD for the game, etc.) something like this:
>
> if (parity_check != 204) {
> ... bad boy ...
> }
> ... go on ...
>
> Usually, if you don't have the source code, you must use a decompiler like IDA to catch the right jump (for example, a JMP assembler statement) and change the JMP statement into a NOP or something else. But if you do only this, the parity check changes, because the JMP machine code is different from the NOP statement, and so you need to recalculate the parity check and change it in the program.
>
> When you do this, are you sure that you caught the right jump? Are you sure that your counts for the new parity check are right? Often you have only one way to verify this: try it. But there is another parity check in the Gstreamer API that verifies not only itself, but also the player. So there are 2 cases:
> 1) You are so smart that you can:
>    a. catch the right jump in the player for the parity check of the player's code
>    b. catch the right jump in the player for the parity check of Gstreamer's code
>    c. catch the right jump in the Gstreamer API for the parity check of the player's code
>    d. catch the right jump in the Gstreamer API for the parity check of Gstreamer's code
>    e. calculate correctly the new parity number in the player for the parity check of the player's code
>    f. calculate correctly the new parity number in the player for the parity check of Gstreamer's code
>    g. calculate correctly the new parity number in the Gstreamer API for the parity check of the player's code
>    h. calculate correctly the new parity number in the Gstreamer API for the parity check of Gstreamer's code
> 2) You fail in one of the previous things, but you won't know where, because the only result is that the player doesn't work.
>
> I hope I've been clearer.
>
> Bye,
> Domenico
>
> -----Original Message-----
> From: Thomas Vander Stichele [mailto:thomas at apestaart.org]
> Sent: Tuesday 3 May 2005 18.45
> To: Domenico Pontari
> Cc: Jan Schmidt; gstreamer-devel at lists.sourceforge.net
> Subject: Re: R: [gst-devel] Create a secure level
>
>
> Hi Domenico,
>
> > Ok, I would like to go deeper in the short answer. What do you think about a security check on:
> >
> > 1) player
> > 2) Gstreamer
> > 3) X Windows
> >
> > In the player there is a parity check on Gstreamer and X Windows, in the Gstreamer APIs there is a parity check on the player and X Windows (and I could say: in X Windows there is a parity check on Gstreamer and the player).
> > So that when you try to exploit the player it doesn't work because Gstreamer's parity check fails, when you try to exploit Gstreamer it doesn't work because the parity check of the player fails. The only way to solve the trick is to patch Gstreamer and the player together: it should be complex because you don't know if you failed in Gstreamer or in the player. If you do this for XWindows too, it should be quite impossible.
>
> You'll have to be clearer to have a sensible discussion. What is this
> parity check? How does it work? How is it technically implemented?
>
> If you're trying to come up with a foolproof unhackable system, I think
> most people on this list will tell you that it's not possible.
>
> So all we're left with is discussing practical difficulty. To discuss
> that you need to explain properly what it is you're asking :) And as
> soon as you do I'm sure people can offer suggestions on how to break it.
>
> So I would assume that what you would want is to get a feeling for how
> difficult it is to break whatever system you are currently thinking of,
> so you need to explain it some more.
>
> Thomas
>
>
>
> Dave/Dina : future TV today ! - http://www.davedina.org/
> <-*- thomas (dot) apestaart (dot) org -*->
> I've got ladyfingers baby
> I've got kidgloves
> baby I got heart
> <-*- thomas (at) apestaart (dot) org -*->
> URGent, best radio on the net - 24/7 ! - http://urgent.fm/
>
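
Added example, not part of the original thread: the 8-bit byte sum described in the quoted message, measured against SHA-256 on a constructed 16-byte buffer, counting how many two-byte edits each check fails to notice. `IMAGE`, `checksum8`, `digest`, `blind_spots` and `transposition_detected` are names made up for this illustration.

```python
import hashlib

# Constructed 16-byte stand-in for a program image (not real machine code).
IMAGE = bytes(range(0x10, 0x20))

def checksum8(data: bytes) -> int:
    """The check described in the thread: sum of all bytes, kept to 8 bits."""
    return sum(data) & 0xFF

def digest(data: bytes) -> str:
    """Cryptographic digest of the same bytes, for comparison."""
    return hashlib.sha256(data).hexdigest()

def blind_spots(image: bytes, i: int, j: int) -> tuple[int, int]:
    """Try every edit that changes both byte i and byte j (255 * 255 edits).

    Returns (edits missed by checksum8, edits missed by SHA-256).
    """
    ref_sum, ref_digest = checksum8(image), digest(image)
    missed_sum = missed_digest = 0
    for a in range(256):
        for b in range(256):
            if a == image[i] or b == image[j]:
                continue  # only count edits that really change both bytes
            edited = bytearray(image)
            edited[i], edited[j] = a, b
            edited = bytes(edited)
            missed_sum += checksum8(edited) == ref_sum
            missed_digest += digest(edited) == ref_digest
    return missed_sum, missed_digest

def transposition_detected(image: bytes, i: int, j: int) -> tuple[bool, bool]:
    """Swap bytes i and j; return (checksum8 notices, SHA-256 notices)."""
    edited = bytearray(image)
    edited[i], edited[j] = edited[j], edited[i]
    edited = bytes(edited)
    return checksum8(edited) != checksum8(image), digest(edited) != digest(image)

if __name__ == "__main__":
    print("checksum8 of image:", checksum8(IMAGE))
    print("two-byte edits missed (checksum8, sha256):", blind_spots(IMAGE, 3, 9))
    print("swap noticed (checksum8, sha256):", transposition_detected(IMAGE, 3, 9))
```

Neither check addresses the point in Benjamin's reply: a check that ships inside code the user can rebuild can be compiled out, however strong the digest.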