The point is, that they don't check the hashes.
They send once a mail concerning file spider.tgz of size around 130kb
claiming it is Spiderman 2 movie.
And the path was like
/pub/linux/Slackware/10.0/ ... you get the idea.
So it's just a fuss worth nothing.
Just my $0.02
Honza Vlach
--
-
Guten Tag Jason,
[1]
J> It was once said that you could not realistically create two difference
J> sets of data that would cause a hash collision.
Correct, note that there has been as much (if not more) research in that field
than in
the heap overflow sector.
[2]
J> It was once said that you cou
On Apr 8, 2005 10:50 AM, Jason <[EMAIL PROTECTED]> wrote:
[snip]
> I think that entirely depends on the format the file is distributed in.
> You could take a zipfile and pad it in non critical areas to change the
> MD5 without creating a substantial difference in the deliverable
> content. You cou
Thierry Zoller wrote:
Dear Jason,
J> I think that entirely depends on the format the file is distributed in.
J> You could take a zipfile and pad it in non critical areas to change the
J> MD5 without creating a substantial difference in the deliverable
J> content. You could do the same with gzip o
Dear Jason,
J> I think that entirely depends on the format the file is distributed in.
J> You could take a zipfile and pad it in non critical areas to change the
J> MD5 without creating a substantial difference in the deliverable
J> content. You could do the same with gzip or bzip formatted files
On Fri, 08 Apr 2005 13:45:51 EDT, Jason said:
> I get the point just fine. Injecting files C and D results in a
> situation that cannot be resolved without downloading both files.
>
> Song A = mp3 format file with valid license to BSA
> Song B = mp3 format file without valid license to BSA
> Son
[EMAIL PROTECTED] wrote:
On Fri, 08 Apr 2005 12:50:24 EDT, Jason said:
I think that entirely depends on the format the file is distributed in.
You could take a zipfile and pad it in non critical areas to change the
MD5 without creating a substantial difference in the deliverable
content. You c
On Fri, 08 Apr 2005 12:50:24 EDT, Jason said:
> I think that entirely depends on the format the file is distributed in.
> You could take a zipfile and pad it in non critical areas to change the
> MD5 without creating a substantial difference in the deliverable
> content. You could do the same w
[EMAIL PROTECTED] wrote:
On Fri, 08 Apr 2005 12:07:08 EDT, bkfsec said:
Craft a file with the same hash, time+date stamp and size, and be sure
to include a program and license disclosure for a program that you
wrote.
Unfortunately, nobody has a good algorithm for creating a file that has the
[EMAIL PROTECTED] wrote:
On Fri, 08 Apr 2005 12:07:08 EDT, bkfsec said:
Craft a file with the same hash, time+date stamp and size, and be sure
to include a program and license disclosure for a program that you
wrote.
Unfortunately, nobody has a good algorithm for creating a file that has the
s
On Fri, 08 Apr 2005 12:07:08 EDT, bkfsec said:
> Craft a file with the same hash, time+date stamp and size, and be sure
> to include a program and license disclosure for a program that you
> wrote.
Unfortunately, nobody has a good algorithm for creating a file that has the
same MD5 hash as a g
Jason wrote:
My point is that all you have to do is provide content they do not own
but do download or attempt to download for this test to fail. Simply
the existence of content with an advertised hash and name that is the
same as other content does not prove they own the content or that it
is
Michael Holstein wrote:
That's why if you wanted, you could sell bags of flour as cocaine
and not be
charged with drug dealing. Fine, it looks the same and weighs the same,
however it isn't the product that's illegal. And to prove that it's
illegal,
they need to test it.
Well ... tell that to t
That's why if you wanted, you could sell bags of flour as cocaine and not be
charged with drug dealing. Fine, it looks the same and weighs the same,
however it isn't the product that's illegal. And to prove that it's illegal,
they need to test it.
Well ... tell that to these idiots :
http://www.cl
I think you are missing my point.
AJ C wrote:
Civil vs Criminal cases dude, you're imposing some aspects of criminal
cases upon civil proceedings and that's not how they work. In a
criminal trial it's a dramatized version of reasonable doubt, civil
proceedings must show 51%+ responsibility on the
Civil vs Criminal cases dude, you're imposing some aspects of criminal
cases upon civil proceedings and that's not how they work. In a
criminal trial it's a dramatized version of reasonable doubt, civil
proceedings must show 51%+ responsibility on the part of the defendant
(much, much easier and w
IANAL but it seems this thought process is broken.
Jason Coombs wrote:
Come on, people, get a clue.
The copyright owner has authorized the forensic investigators to
download the infringing material. If it was there, according to a
forensic investigator, then you have to prove it was not.
This posit
Cc:full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Re: Case ID 51560370 - Notice of
ClaimedInfringement
Dear Jason Coombs,
JC> Come on, people, get a clue.
JC> The copyright owner has authorized the forensic investigators
JC> to download the infringing material.
JC
On Thu, 7 Apr 2005, Poof wrote:
[SNIP]
> That's why if you wanted, you could sell bags of flour as cocaine and not be
> charged with drug dealing. Fine, it looks the same and weighs the same,
> however it isn't the product that's illegal. And to prove that it's illegal,
> they need to tes
Well, a friend of mine also got a mail like this once. This letter consisted
of approximately the same that yours did -- the difference being, that he had
never seen the file, nor heard of it.
I would tend to say that this -- if you believe me, again believing in my
trust to my friend -- makes
Dear Jason Coombs,
JC> Come on, people, get a clue.
JC> The copyright owner has authorized the forensic investigators
JC> to download the infringing material.
JC> If it was there, according to
JC> a forensic investigator, then you have to prove it was not.
In what jurisidction? The world ? FD is
Come on, people, get a clue.
The copyright owner has authorized the forensic investigators to download the
infringing material. If it was there, according to a forensic investigator,
then you have to prove it was not.
Please stop viewing the world as a level playing field populated by absolutes
Ahh, but what if said user is falsifying MD5sums with same size files in
order to help hinder piracy of said product?
In order to say that -I- am sharing Fedora.iso(Just an example.) you'd have
to download it and run it yourself. You can't just say that the MD5sum,
size, and name all match so it h
23 matches
Mail list logo
