|
Rockbox mail archiveSubject: RE: WPS tokenizerRE: WPS tokenizer
From: RaeNye <raenye_at_netvision.net.il>
Date: Tue, 20 Mar 2007 15:26:44 +0200 >I agree, there's propably better attack vectors... but then again, rockbox code is usually downloaded >from the rockbox website, but I would download a theme from somewhere else. Here is the attack Many people are using custom builds which are usually hosted elsewhere (rapidshare, etc.) To save the attacker much work, she can just include the autorun executable in the build zip file. >ok, i know this is stupid. There could also be some overflow in one codec, so playing a song does >the same to rockbox. As long as rockbox doesnt speak TCP/IP, it can afford to have >"optimistic security" :) Just imagine the security issues with a RB-powered Zune... >If we do that, we should make sure the hashing is faster than the parsing >Can we just check the timestamp? I think windows sets it, i dont know how many linux distros mount usb devices with noxtime, X in {a,m,c} (or whatever it was). A reasonable assumption is that the only device that is "allowed" to compile WPS is the current Rockbox build itself, since the binary format may depend on the platform and/or the build itself. We can check the timestamp and the RB checksum (the same one that's verified on boot). This adds a WPS compilation whenever RB is updated, but that won't happen too often for most users. >But I'll shut up now. I heard the google talk about poisonous ppl and i dont want to be one of them. Dev lists /are/ for discussion, aren't they? Received on 2007-03-20 Page template was last modified "Tue Sep 7 00:00:02 2021" The Rockbox Crew -- Privacy Policy |