1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
|
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <melvincarvalho@gmail.com>) id 1UMnCp-0004hW-TD
for bitcoin-development@lists.sourceforge.net;
Mon, 01 Apr 2013 22:27:59 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.215.51 as permitted sender)
client-ip=209.85.215.51; envelope-from=melvincarvalho@gmail.com;
helo=mail-la0-f51.google.com;
Received: from mail-la0-f51.google.com ([209.85.215.51])
by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1UMnCo-0006K0-AD
for bitcoin-development@lists.sourceforge.net;
Mon, 01 Apr 2013 22:27:59 +0000
Received: by mail-la0-f51.google.com with SMTP id fo13so2548536lab.10
for <bitcoin-development@lists.sourceforge.net>;
Mon, 01 Apr 2013 15:27:51 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.112.38.202 with SMTP id i10mr6592097lbk.127.1364855271511;
Mon, 01 Apr 2013 15:27:51 -0700 (PDT)
Received: by 10.112.143.38 with HTTP; Mon, 1 Apr 2013 15:27:51 -0700 (PDT)
In-Reply-To: <CAHQs=o4pKBoVO-14dqoq9EoNxq2BNnKE+zmOjLBw+XqJfAp8yA@mail.gmail.com>
References: <CAKaEYhK5ZzP8scbhyzkEU+WdWjwMBDzkgF+SrC-Mdjgo9G9RnA@mail.gmail.com>
<CACezXZ94oDX1O7y7cgh+HvDj4QiDWmy1NVQ4Ahq=gmzhgmUaHQ@mail.gmail.com>
<CAKaEYhK4v3mhkGMKDW9g7km+5artBAjpukQdwx17psgdJaqvgA@mail.gmail.com>
<CAHQs=o4pKBoVO-14dqoq9EoNxq2BNnKE+zmOjLBw+XqJfAp8yA@mail.gmail.com>
Date: Tue, 2 Apr 2013 00:27:51 +0200
Message-ID: <CAKaEYh+bePsmzM5XU1wpb_SFrTnbKB8LxMvWLLqP4p8KuesuSA@mail.gmail.com>
From: Melvin Carvalho <melvincarvalho@gmail.com>
To: Will <will@phase.net>
Content-Type: multipart/alternative; boundary=90e6ba25e8c1a0dfa304d9542109
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(melvincarvalho[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1UMnCo-0006K0-AD
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] bitcoin pull requests
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 01 Apr 2013 22:28:00 -0000
--90e6ba25e8c1a0dfa304d9542109
Content-Type: text/plain; charset=ISO-8859-1
On 2 April 2013 00:10, Will <will@phase.net> wrote:
> The threat of a SHA1 collision attack to insert a malicious pull request
> are tiny compared with the other threats - e.g. github being compromised,
> one of the core developers' passwords being compromised, one of the core
> developers going rogue, sourceforge (distribution site) being compromised
> etc etc... believe me there's a lot more to worry about than a SHA1
> attack...
>
> Not meaning to scare, just to put things in perspective - this is why we
> all need to peer review each others commits and keep an eye out for
> suspicious commits, leverage the benefits of this project being open source
> and easily peer reviewed.
>
Very good points, and I think you're absolutely right.
But just running the numbers, to get the picture, based of scheiner's
statistics:
http://www.schneier.com/blog/archives/2012/10/when_will_we_se.html
We're talking about a million terrahashes = 2^60 right?
With the block chain, you only have a 10 minute window, but with source
code you have a longer time to prepare.
Couldnt this be done with an ASIC in about a week?
>
> Will
>
>
> On 1 April 2013 23:52, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
>
>>
>>
>>
>> On 1 April 2013 20:28, Petr Praus <petr@praus.net> wrote:
>>
>>> An attacker would have to find a collision between two specific pieces
>>> of code - his malicious code and a useful innoculous code that would be
>>> accepted as pull request. This is the second, much harder case in the
>>> birthday problem. When people talk about SHA-1 being broken they actually
>>> mean the first case in the birthday problem - find any two arbitrary values
>>> that hash to the same value. So, no I don't think it's a feasible attack
>>> vector any time soon.
>>>
>>> Besides, with that kind of hashing power, it might be more feasible to
>>> cause problems in the chain by e.g. constantly splitting it.
>>>
>>
>> OK, maybe im being *way* too paranoid here ... but what if someone had
>> access to github, could they replace one file with one they had prepared at
>> some point?
>>
>>
>>>
>>>
>>> On 1 April 2013 03:26, Melvin Carvalho <melvincarvalho@gmail.com> wrote:
>>>
>>>> I was just looking at:
>>>>
>>>> https://bitcointalk.org/index.php?topic=4571.0
>>>>
>>>> I'm just curious if there is a possible attack vector here based on the
>>>> fact that git uses the relatively week SHA1
>>>>
>>>> Could a seemingly innocuous pull request generate another file with a
>>>> backdoor/nonce combination that slips under the radar?
>>>>
>>>> Apologies if this has come up before ...
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Own the Future-Intel® Level Up Game Demo Contest 2013
>>>> Rise to greatness in Intel's independent game demo contest.
>>>> Compete for recognition, cash, and the chance to get your game
>>>> on Steam. $5K grand prize plus 10 genre and skill prizes.
>>>> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
>>>> _______________________________________________
>>>> Bitcoin-development mailing list
>>>> Bitcoin-development@lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>>>
>>>>
>>>
>>
>>
>> ------------------------------------------------------------------------------
>> Own the Future-Intel® Level Up Game Demo Contest 2013
>> Rise to greatness in Intel's independent game demo contest.
>> Compete for recognition, cash, and the chance to get your game
>> on Steam. $5K grand prize plus 10 genre and skill prizes.
>> Submit your demo by 6/6/13. http://p.sf.net/sfu/intel_levelupd2d
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>
--90e6ba25e8c1a0dfa304d9542109
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On 2 April 2013 00:10, Will <span dir=3D"ltr"><<a href=3D"mailto=
:will@phase.net" target=3D"_blank">will@phase.net</a>></span> wrote:<br>=
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir=3D"ltr">The threat of a SHA1 collision attack to insert a maliciou=
s pull request are tiny compared with the other threats - e.g. github being=
compromised, one of the core developers' passwords being compromised, =
one of the core developers going rogue, sourceforge (distribution site) bei=
ng compromised etc etc... believe me there's a lot more to worry about =
than a SHA1 attack...<div>
<br></div><div>Not meaning to scare, just to put things in perspective - th=
is is why we all need to peer review each others commits and keep an eye ou=
t for suspicious commits, leverage the benefits of this project being open =
source and easily peer reviewed.</div>
</div></blockquote><div><br></div><div>Very good points, and I think you=
9;re absolutely right.=A0 <br><br>But just running the numbers, to get the =
picture, based of scheiner's statistics:<br><br><a href=3D"http://www.s=
chneier.com/blog/archives/2012/10/when_will_we_se.html">http://www.schneier=
.com/blog/archives/2012/10/when_will_we_se.html</a><br>
<br></div><div>We're talking about a million terrahashes =3D 2^60 right=
?<br><br></div><div>With the block chain, you only have a 10 minute window,=
but with source code you have a longer time to prepare.<br></div><div><br>
</div><div>Couldnt this be done with an ASIC in about a week?<br></div><div=
><br></div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:=
0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">=
<div dir=3D"ltr">
<span class=3D""><font color=3D"#888888">
<div><br></div><div>Will</div></font></span></div><div class=3D""><div clas=
s=3D"h5"><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On 1=
April 2013 23:52, Melvin Carvalho <span dir=3D"ltr"><<a href=3D"mailto:=
melvincarvalho@gmail.com" target=3D"_blank">melvincarvalho@gmail.com</a>>=
;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><br><div=
class=3D"gmail_extra"><br><br><div class=3D"gmail_quote"><div>On 1 April 2=
013 20:28, Petr Praus <span dir=3D"ltr"><<a href=3D"mailto:petr@praus.ne=
t" target=3D"_blank">petr@praus.net</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir=3D"ltr">An attacker would have to find a collision between two spe=
cific pieces of code - his malicious code and a useful innoculous code that=
would be accepted as pull request. This is the second, much harder case in=
the birthday problem. When people talk about SHA-1 being broken they actua=
lly mean the first case in the birthday problem - find any two arbitrary va=
lues that hash to the same value. So, no I don't think it's a feasi=
ble attack vector any time soon.<div>
<br></div><div>Besides, with that kind of hashing power, it might be more f=
easible to cause problems in the chain by e.g. constantly splitting it.</di=
v></div></blockquote><div><br></div></div><div>OK, maybe im being *way* too=
paranoid here ... but what if someone had access to github, could they rep=
lace one file with one they had prepared at some point?<br>
</div><div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:=
0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">=
<div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote"><div><div>
On 1 April 2013 03:26, Melvin Carvalho <span dir=3D"ltr"><<a href=3D"mai=
lto:melvincarvalho@gmail.com" target=3D"_blank">melvincarvalho@gmail.com</a=
>></span> wrote:<br></div></div><blockquote class=3D"gmail_quote" style=
=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding=
-left:1ex">
<div><div>
<div dir=3D"ltr"><div><div><div>I was just looking at:<br><br><a href=3D"ht=
tps://bitcointalk.org/index.php?topic=3D4571.0" target=3D"_blank">https://b=
itcointalk.org/index.php?topic=3D4571.0</a><br><br></div>I'm just curio=
us if there is a possible attack vector here based on the fact that git use=
s the relatively week SHA1<br>
<br></div>Could a seemingly innocuous pull request generate another file wi=
th a backdoor/nonce combination that slips under the radar?<br><br></div>Ap=
ologies if this has come up before ...<br></div>
<br></div></div>-----------------------------------------------------------=
-------------------<br>
Own the Future-Intel&reg; Level Up Game Demo Contest 2013<br>
Rise to greatness in Intel's independent game demo contest.<br>
Compete for recognition, cash, and the chance to get your game<br>
on Steam. $5K grand prize plus 10 genre and skill prizes.<br>
Submit your demo by 6/6/13. <a href=3D"http://p.sf.net/sfu/intel_levelupd2d=
" target=3D"_blank">http://p.sf.net/sfu/intel_levelupd2d</a><br>___________=
____________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net" target=3D"_bla=
nk">Bitcoin-development@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div>
</blockquote></div></div><br></div></div>
<br>-----------------------------------------------------------------------=
-------<br>
Own the Future-Intel&reg; Level Up Game Demo Contest 2013<br>
Rise to greatness in Intel's independent game demo contest.<br>
Compete for recognition, cash, and the chance to get your game<br>
on Steam. $5K grand prize plus 10 genre and skill prizes.<br>
Submit your demo by 6/6/13. <a href=3D"http://p.sf.net/sfu/intel_levelupd2d=
" target=3D"_blank">http://p.sf.net/sfu/intel_levelupd2d</a><br>___________=
____________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net" target=3D"_bla=
nk">Bitcoin-development@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div>
</div></div></blockquote></div><br></div></div>
--90e6ba25e8c1a0dfa304d9542109--
|
