
Re: [opensuse-security] ISO Signatures



On Sat, Jun 14, 2008 at 12:44:47PM +0100, Benji Weber wrote:
> 2008/6/14 Carlos E. R. <robin.listas@xxxxxxxxxxxxxx>:
> > I'm sorry, I don't quite understand. The checksum for the ISO file checks
> > the entire ISO file including the bootloader, so I don't see how the
> > bootloader can be altered and the iso still pass the test.
> 
> There are MD5SUMs here
> http://download.opensuse.org/distribution/10.3/iso/cd/MD5SUMS .
> However, md5 has various weaknesses and it is potentially possible to
> engineer a modified iso the same size with the same MD5SUM.
> Furthermore, the md5sums are not even signed, so it's difficult to be
> sure they are even correct.
> 
> Since the bootloader can do anything to your system and is untrusted,
> it is potentially dangerous to boot from a downloaded openSUSE ISO.
> The contents file and others inside the ISO are themselves signed. I
> believe it is possible to generate a fully trusted ISO by regenerating
> the bootloader from signed material. It would be much simpler just to
> publish signatures for the ISOs though.

I have cross checked the 11.0 staging area and there are both SHA1SUMS
and MD5SUMS and all are signed by coolo.

Ciao, Marcus