Gervase Markham wrote: > Michael Vincent van Rantwijk, MultiZilla wrote: >> Let's go back one step: *if* Joe Hacker gets control over mozdev.org >> somehow, then he _can_ change the links and the downloads, easily, >> because the mirrors pull from that box, and that is the same for >> mozilla.org I suppose! > > This is true. But it doesn't contradict anything I've said. > > Let's make it simple: > > No link fingerprints: > Download mirror hacked => attacker has won > Webserver hacked => attacker has won > > Link fingerprints: > Download mirror hacked => attacker has lost > Webserver hacked => attacker has won > > Notice the improvement?
Yes, and I agree, fully. >>> So "the download is trojaned" does not automatically imply that the >>> hacker has access to change the fingerprint. >> >> In this case it does, and I'm not alone on this. > > No. You are mixing up cause and effect. > > I am saying "Download server hacked =/= hacker can change the fingerprint". > > You are saying "Hacker can change the fingerprint == hacker can cause > you to download a trojan". This is true, but it's not the opposite of > what I'm saying. Okay, so there is still a loop hole that won't be fixed before anti virus software is called and check the file. > Link Fingerprints are not a security panacea. They are a way of raising > the bar without making the user do any work. They would have avoided or > mitigated every trojaned download problem I've come across in the past > few years. I understand, but removing good files, because that will happen to our customers, is not good, that is what I try to address. Thanks for clearing things up, Michael _______________________________________________ dev-tech-network mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-network
