Will IE6 under Wine get infected? - Ubuntu

This is a discussion on Will IE6 under Wine get infected? - Ubuntu ; AZ Nomad wrote: > On Fri, 03 Oct 2008 14:16:53 GMT, jellybean stonerfish > wrote: >>On Fri, 03 Oct 2008 15:44:47 +0200, Peter Köhlmann wrote: > >>> jellybean stonerfish wrote: >>> >>>> On Fri, 03 Oct 2008 08:54:19 +0000, Christopher ...

+ Reply to Thread
Page 6 of 8 FirstFirst ... 4 5 6 7 8 LastLast
Results 101 to 120 of 145

Thread: Will IE6 under Wine get infected?

  1. Re: Will IE6 under Wine get infected?

    AZ Nomad wrote:

    > On Fri, 03 Oct 2008 14:16:53 GMT, jellybean stonerfish
    > wrote:
    >>On Fri, 03 Oct 2008 15:44:47 +0200, Peter Köhlmann wrote:

    >
    >>> jellybean stonerfish wrote:
    >>>
    >>>> On Fri, 03 Oct 2008 08:54:19 +0000, Christopher Hunter wrote:
    >>>>
    >>>>> dennis@home wrote:
    >>>>>
    >>>>>> I did demonstrate the flaw (well I posted proof that someone else
    >>>>>> had),
    >>>>>
    >>>>> No you didn't. Total BS as usual. **** off back to your useless
    >>>>> Windows, and leave the grown-ups alone.
    >>>>>
    >>>>> *PLONK*
    >>>>
    >>>> Can you post the proof for me, as I don't remember reading it before.
    >>>> I will be impartial, and tell you two who is right, then we can
    >>>> eliminate this part of the flame war, and get on to better arguments.
    >>>
    >>> Search it yourself.
    >>> The theme has been discussed several times, as MD5-dennis is unable to
    >>> understand the difference between a "collision attack" and a "pre image
    >>> attack"
    >>> Hence his "problem" of showing what kind of incompetent nincompoop he is

    >
    >> My understanding is that more than one file can generate the same MD5
    >>sum.


    Yes, it is possible to generate two files with the same MD5 sum.
    But to do that you need to generate *both* files, and you have no control
    about the MD5 value itself then.
    This is called the "collision attack".
    But is is impossible to do same to a file already present in a repo and
    exchange it with a tampered with file. It is absolutely impossible then to
    generate an iditical MD5 sum, because you do not control the "original"
    file. And, to top it off, the MD5 sum, even *if* you could generate a valid
    one, would differ from that one of the repo, which you can't control

    >>But to make subtle changes to a file, and have it still generate
    >>the same MD5 sum is close to impossible.


    Not "close to" impossible. Exchange that with "impossible even if you
    combine all the computing power in the world for several thousand years"
    and you are closer to the truth

    >>I may not understand MD5 flaws, but my understanding and ability to find
    >>the answer is not the issue here.
    >>Christopher and Dennis are arguing about if Dennis posted proof of
    >>an md5 flaw. I want to see Dennis' proof so I can decide for myself if
    >>he has posted a proof.

    >


    Well, MD5-dennis claims that you can tamper with linux repos because MD5 is
    not bulletproof against collision attacks.
    He steadfastly ignores that to do that you need "pre image attacks". But MD5
    is not susceptible to those

    >
    > That will *never* happen. Denis is too much of a lazy ****head and
    > coward.


    Well, and all this idiocy from him because he somehow wanted to "prove" that
    linux is as insecure against tampered "updates" as is windows. Windows
    files are not MD5-summed (or, for that matter, summed with /any/ method).
    So, to have a go against linux vastly better security in this regard, he
    needed some "proof" that it is possible to compromize linux files without
    someone noticing.

    He failed big time, and while doing so showed what kind of incompetent and
    dumb twit he is
    --
    Linux: Because rebooting is for adding new hardware


  2. Re: Will IE6 under Wine get infected?

    On Fri, 03 Oct 2008 16:16:31 +0000, SINNER wrote:


    > Here is the MID that started the ~560 post thread
    >
    > Message-ID:


    Google groups doesn't find that number, and my server doesn't even have
    the thread "Internet Speed" anymore.

    >
    > The MD5 discussion is pretty deep, but its there. I dont claim that
    > there is any proof one way or the other, but there you have it.
    >
    > The title of the tread is Internet Speed.



  3. Re: Will IE6 under Wine get infected?

    * jellybean stonerfish wrote in alt.os.linux.ubuntu:

    > On Fri, 03 Oct 2008 16:16:31 +0000, SINNER wrote:
    >
    >
    >> Here is the MID that started the ~560 post thread
    >>
    >> Message-ID:

    >
    > Google groups doesn't find that number,


    This group isnt archived on GG. Blessing and a Curse.

    > and my server doesn't even have
    > the thread "Internet Speed" anymore.


    You mean you dont have a local spool?! Shame on you

    --
    David

  4. Re: Will IE6 under Wine get infected?

    On Fri, 03 Oct 2008 17:40:25 +0000, SINNER wrote:

    > * jellybean stonerfish wrote in alt.os.linux.ubuntu:
    >
    >> On Fri, 03 Oct 2008 16:16:31 +0000, SINNER wrote:
    >>
    >>
    >>> Here is the MID that started the ~560 post thread
    >>>
    >>> Message-ID:

    >>
    >> Google groups doesn't find that number,

    >
    > This group isnt archived on GG. Blessing and a Curse.
    >
    >> and my server doesn't even have
    >> the thread "Internet Speed" anymore.

    >
    > You mean you dont have a local spool?! Shame on you


    Yes, shame on me. I am using "pan". I was about to throw it away this
    morning, as it was soooo slooow. Running "top" showed it at 67% cpu.
    Second underneath was "apt-spi-registry" A quick search found that I
    could disable that in my "Assitive Technologies Preferences" After a
    logout and then login, my desktop is much more responsive, and pan is
    fast again. But that is beside the point. It is probably time I start
    figuring out how to use slrn and slrnpull. I started using pan, because
    it was there. Now I use it just because I am a creature of habit.

    stonerfish

  5. Re: Will IE6 under Wine get infected?

    On Fri, 03 Oct 2008 18:57:19 +0000, Christopher Hunter wrote:
    >AZ Nomad wrote:


    >> That will *never* happen. Denis is too much of a lazy ****head and
    >> coward.


    >It'll also *never* happen because it *cannot* happen. Dennis is
    >probably /still/ trying to create two differing files with the same MD5.


    Denis just isn't capable of presenting any decent arguments to promote his
    agenda.

    Choice 1: windows -- seventeen different update programs running, each
    for one software product, each pulling in spyware, malware and god only
    knows what.

    Choice 2: linux -- the distributions' package manager providing a single update
    system running code inspected around the world, to download packages that have
    strong verification codes and doing it all with the user's explicit knowledge.

    Give me choice 1! I love how updating java can give me such lovely add-ons
    like a yahoo tool bar that has no uninstaller! Pile on that crapware. The
    more the better!

  6. Re: Will IE6 under Wine get infected?



    "Christopher Hunter" wrote in message
    news:6km4tkF8akp6U1@mid.individual.net...
    > dennis@home wrote:
    >
    >> I did demonstrate the flaw (well I posted proof that someone else had),

    >
    > No you didn't. Total BS as usual. **** off back to your useless Windows,
    > and leave the grown-ups alone.
    >
    > *PLONK*


    Ahh the usual response when CHunter is feeling a bit defeated.
    Never the less he will pop up again and argue the same old cr@p. ;-)


  7. Re: Will IE6 under Wine get infected?



    "jellybean stonerfish" wrote in message
    newstoFk.57418$yU7.50057@newsfe19.ams2...
    > On Fri, 03 Oct 2008 08:54:19 +0000, Christopher Hunter wrote:
    >
    >> dennis@home wrote:
    >>
    >>> I did demonstrate the flaw (well I posted proof that someone else had),

    >>
    >> No you didn't. Total BS as usual. **** off back to your useless
    >> Windows, and leave the grown-ups alone.
    >>
    >> *PLONK*

    >
    > Can you post the proof for me, as I don't remember reading it before. I
    > will be impartial, and tell you two who is right, then we can eliminate
    > this part of the flame war, and get on to better arguments.
    >


    Its all on google.




  8. Re: Will IE6 under Wine get infected?



    "PeterKhlmann" wrote in message
    news:48e621cf$0$6583$9b4e6d93@newsspool4.arcor-online.net...
    > jellybean stonerfish wrote:
    >
    >> On Fri, 03 Oct 2008 08:54:19 +0000, Christopher Hunter wrote:
    >>
    >>> dennis@home wrote:
    >>>
    >>>> I did demonstrate the flaw (well I posted proof that someone else had),
    >>>
    >>> No you didn't. Total BS as usual. **** off back to your useless
    >>> Windows, and leave the grown-ups alone.
    >>>
    >>> *PLONK*

    >>
    >> Can you post the proof for me, as I don't remember reading it before. I
    >> will be impartial, and tell you two who is right, then we can eliminate
    >> this part of the flame war, and get on to better arguments.

    >
    > Search it yourself.
    > The theme has been discussed several times, as MD5-dennis is unable to
    > understand the difference between a "collision attack" and a "pre image
    > attack"


    Do you want to try again?

    I know full well what a pre-image and a collision attack are.
    What you fail to grasp is that when you generate an MD5 sum you have no idea
    if a collision can be done with that file and sum.

    I even posted proof that someone had taken a file and then changed half of
    it to something else and kept the same MD5 sum.

    That was a small file.
    Maths says that with a large file generating collisions becomes easier.
    And as we were discussing ISO images at the time they are pretty big
    compared to the example.

    > Hence his "problem" of showing what kind of incompetent nincompoop he is


    Hence the problem is your stupidity.





  9. Re: Will IE6 under Wine get infected?

    * jellybean stonerfish wrote in alt.os.linux.ubuntu:

    > On Fri, 03 Oct 2008 17:40:25 +0000, SINNER wrote:
    >
    >> * jellybean stonerfish wrote in alt.os.linux.ubuntu:
    >>
    >>> On Fri, 03 Oct 2008 16:16:31 +0000, SINNER wrote:
    >>>
    >>>
    >>>> Here is the MID that started the ~560 post thread
    >>>>
    >>>> Message-ID:
    >>>
    >>> Google groups doesn't find that number,

    >>
    >> This group isnt archived on GG. Blessing and a Curse.
    >>
    >>> and my server doesn't even have
    >>> the thread "Internet Speed" anymore.

    >>
    >> You mean you dont have a local spool?! Shame on you

    >
    > Yes, shame on me. I am using "pan". I was about to throw it away this
    > morning, as it was soooo slooow. Running "top" showed it at 67% cpu.
    > Second underneath was "apt-spi-registry" A quick search found that I
    > could disable that in my "Assitive Technologies Preferences" After a
    > logout and then login, my desktop is much more responsive, and pan is
    > fast again. But that is beside the point. It is probably time I start
    > figuring out how to use slrn and slrnpull. I started using pan, because
    > it was there. Now I use it just because I am a creature of habit.
    >


    If I may, I'd suggest Leafnode2 instead of slrnpull. A bit more robust me
    thinks and don't be scared off by the 'alpha' tag, I have been running the
    2 branch for a couple of years now with no stability issues.

    --
    David

  10. Re: Will IE6 under Wine get infected?

    AZ Nomad wrote:

    > That will *never* happen. Denis is too much of a lazy ****head and
    > coward.


    It'll also *never* happen because it *cannot* happen. Dennis is
    probably /still/ trying to create two differing files with the same MD5.

    C.

  11. Re: Will IE6 under Wine get infected?



    "PeterKöhlmann" wrote in message
    news:48e648d0$0$17122$9b4e6d93@newsspool2.arcor-online.net...
    > AZ Nomad wrote:
    >
    >> On Fri, 03 Oct 2008 14:16:53 GMT, jellybean stonerfish
    >> wrote:
    >>>On Fri, 03 Oct 2008 15:44:47 +0200, Peter Köhlmann wrote:

    >>
    >>>> jellybean stonerfish wrote:
    >>>>
    >>>>> On Fri, 03 Oct 2008 08:54:19 +0000, Christopher Hunter wrote:
    >>>>>
    >>>>>> dennis@home wrote:
    >>>>>>
    >>>>>>> I did demonstrate the flaw (well I posted proof that someone else
    >>>>>>> had),
    >>>>>>
    >>>>>> No you didn't. Total BS as usual. **** off back to your useless
    >>>>>> Windows, and leave the grown-ups alone.
    >>>>>>
    >>>>>> *PLONK*
    >>>>>
    >>>>> Can you post the proof for me, as I don't remember reading it before.
    >>>>> I will be impartial, and tell you two who is right, then we can
    >>>>> eliminate this part of the flame war, and get on to better arguments.
    >>>>
    >>>> Search it yourself.
    >>>> The theme has been discussed several times, as MD5-dennis is unable to
    >>>> understand the difference between a "collision attack" and a "pre image
    >>>> attack"
    >>>> Hence his "problem" of showing what kind of incompetent nincompoop he
    >>>> is

    >>
    >>> My understanding is that more than one file can generate the same MD5
    >>>sum.

    >
    > Yes, it is possible to generate two files with the same MD5 sum.
    > But to do that you need to generate *both* files, and you have no control
    > about the MD5 value itself then.
    > This is called the "collision attack".
    > But is is impossible to do same to a file already present in a repo and
    > exchange it with a tampered with file. It is absolutely impossible then to
    > generate an iditical MD5 sum, because you do not control the "original"
    > file. And, to top it off, the MD5 sum, even *if* you could generate a
    > valid
    > one, would differ from that one of the repo, which you can't control


    Yet again you are too stupid to grasp the one really important fact..
    when you generated that file and sum you have no idea if a collision can be
    made with that file because you don't check it.
    So your impossible just isn't impossible.
    >
    >>>But to make subtle changes to a file, and have it still generate
    >>>the same MD5 sum is close to impossible.

    >
    > Not "close to" impossible. Exchange that with "impossible even if you
    > combine all the computing power in the world for several thousand years"
    > and you are closer to the truth


    You don't know that.
    You probably said the same thing when the flaws in WEP were first published.
    As you have shown that you have no idea what the attack method used to
    generate the collisions is I expect that your opinion is worthless.
    >
    >>>I may not understand MD5 flaws, but my understanding and ability to find
    >>>the answer is not the issue here.
    >>>Christopher and Dennis are arguing about if Dennis posted proof of
    >>>an md5 flaw. I want to see Dennis' proof so I can decide for myself if
    >>>he has posted a proof.

    >>

    >
    > Well, MD5-dennis claims that you can tamper with linux repos because MD5
    > is
    > not bulletproof against collision attacks.
    > He steadfastly ignores that to do that you need "pre image attacks". But
    > MD5
    > is not susceptible to those


    When you prove that all iso images are checked to prove its impossible then
    I will agree.
    Until then you are just wrong.

    Note that I said isos as I have never mentioned the repositories once in any
    of my post about MD5, that is just you making up lies as usual.

    >
    >>
    >> That will *never* happen. Denis is too much of a lazy ****head and
    >> coward.

    >
    > Well, and all this idiocy from him because he somehow wanted to "prove"
    > that
    > linux is as insecure against tampered "updates" as is windows. Windows
    > files are not MD5-summed (or, for that matter, summed with /any/ method).
    > So, to have a go against linux vastly better security in this regard, he
    > needed some "proof" that it is possible to compromize linux files without
    > someone noticing.


    That is not how this started.
    That is what you brought to the argument.
    I never mentioned windows.

    This all started because I said don't download an iso from a link in a
    usenet post unless you know who it is and trust them.
    You then went on to try and prove that it was safe to download random isos
    from unknown posters.
    I think you qualify as the idiot after that.
    >
    > He failed big time, and while doing so showed what kind of incompetent and
    > dumb twit he is


    How is not convincing a dimwit like you incompetent?
    You don't have the knowledge to understand and you don't have the desire to
    gain that knowledge.
    All you want to do is rant and rave and hope that you make enough noise to
    hide your stupidity.
    It may work amongst your COLA buddies but everyone else thinks you are
    stupid.




  12. Re: Will IE6 under Wine get infected?



    "Christopher Hunter" wrote in message
    news:6km58iF8akp6U2@mid.individual.net...
    > Peter Köhlmann wrote:
    >
    >> So pray tell, how do you avoid the sites which will infect your machine
    >> by
    >> simply visiting them?
    >> I always marvel at those windows types with the psychic powers who know
    >> *before* they click a link that they have to avoid it

    >
    > Didn't you know? Dennis' version of Windows is equipped with the
    > prescience
    > module - it's shipped as part of the special "Friends of Bill" version
    > that's not available to the general public, but never catches viruses,
    > never crashes, and works flawlessly with /every/ piece of hardware ever
    > invented.


    Still got this idea that vista doesn't work I see.
    I know different as does hundreds of millions.
    I know its you that is stupid, its obvious with every post you make.




  13. Re: Will IE6 under Wine get infected?

    On Fri, 03 Oct 2008 20:02:15 +0100, dennis@home wrote:

    > This all started because I said don't download an iso from a link in a
    > usenet post unless you know who it is and trust them. You then went on
    > to try and prove that it was safe to download random isos from unknown
    > posters.


    The creators of the original happy.iso post an md5sum on their site,
    next to the happy.iso, but their site is slow, so I only grab the md5sum
    from them, not the happy.iso. I search the web for happy.iso, and find a
    random site that offers a copy. This random site is fast, so I download
    happy.iso from them.

    I compare the md5sum from the happy.iso file I downloaded with the md5sum
    from the happy.iso creators. If they are the same md5sum, are you saying
    they might not be the same happy.iso?



  14. Re: Will IE6 under Wine get infected?

    jellybean stonerfish wrote:

    > On Fri, 03 Oct 2008 20:02:15 +0100, dennis@home wrote:
    >
    >> This all started because I said don't download an iso from a link in a
    >> usenet post unless you know who it is and trust them. You then went on
    >> to try and prove that it was safe to download random isos from unknown
    >> posters.

    >
    > The creators of the original happy.iso post an md5sum on their site,
    > next to the happy.iso, but their site is slow, so I only grab the md5sum
    > from them, not the happy.iso. I search the web for happy.iso, and find a
    > random site that offers a copy. This random site is fast, so I download
    > happy.iso from them.
    >
    > I compare the md5sum from the happy.iso file I downloaded with the md5sum
    > from the happy.iso creators. If they are the same md5sum, are you saying
    > they might not be the same happy.iso?


    Yes, MD5-dennis *is* that stupid.
    Or, alternativly, that dishonest because his beloved toy-OS does not offer
    even a tiny shred of security against tampered files
    --
    Another name for a Windows tutorial is crash course


  15. Re: Will IE6 under Wine get infected?

    On Fri, 03 Oct 2008 19:44:43 +0100, dennis@home wrote:


    >> Can you post the proof for me, as I don't remember reading it before.
    >> I will be impartial, and tell you two who is right, then we can
    >> eliminate this part of the flame war, and get on to better arguments.
    >>
    >>

    > Its all on google.
    >
    >


    There are a lot of things "on google", this group is not.
    You keep saying you posted proof, yet when asked to repost your proof,
    you evade the answer.
    I guess AZ Nomad was right when he said
    "That will *never* happen. Denis is too much of a lazy "

    stonerfish

  16. Re: Will IE6 under Wine get infected?

    dennis@home wrote:

    >
    >
    > "PeterKöhlmann" wrote in message
    > news:48e621cf$0$6583$9b4e6d93@newsspool4.arcor-online.net...
    >> jellybean stonerfish wrote:
    >>
    >>> On Fri, 03 Oct 2008 08:54:19 +0000, Christopher Hunter wrote:
    >>>
    >>>> dennis@home wrote:
    >>>>
    >>>>> I did demonstrate the flaw (well I posted proof that someone else
    >>>>> had),
    >>>>
    >>>> No you didn't. Total BS as usual. **** off back to your useless
    >>>> Windows, and leave the grown-ups alone.
    >>>>
    >>>> *PLONK*
    >>>
    >>> Can you post the proof for me, as I don't remember reading it before. I
    >>> will be impartial, and tell you two who is right, then we can eliminate
    >>> this part of the flame war, and get on to better arguments.

    >>
    >> Search it yourself.
    >> The theme has been discussed several times, as MD5-dennis is unable to
    >> understand the difference between a "collision attack" and a "pre image
    >> attack"

    >
    > Do you want to try again?
    >
    > I know full well what a pre-image and a collision attack are.


    Maybe *now* you have an idea. In the original thread several people tried to
    lecture you of those differences.

    > What you fail to grasp is that when you generate an MD5 sum you have no
    > idea if a collision can be done with that file and sum.


    I know exactly that a collision can *not* be done.
    As you have no control over the original file, you can't even do a collision
    attack. Do do a successful collision attack, you absolutely need control
    over *both*

    > I even posted proof that someone had taken a file and then changed half of
    > it to something else and kept the same MD5 sum.


    > That was a small file.


    No, you have not even understood *that* simple example correctly. You have
    to alter *both* files to be able to generate a same MD5 sum for both. *And*
    you get no control over the resulting MD5 hash

    > Maths says that with a large file generating collisions becomes easier.
    > And as we were discussing ISO images at the time they are pretty big
    > compared to the example.


    Math says you are an idiot
    Because the larger the files are, the longer it takes a generate a MD5 sum
    for any given file, rendering collision attacks progressivly slower than
    with short files

    >> Hence his "problem" of showing what kind of incompetent nincompoop he is

    >
    > Hence the problem is your stupidity.


    --
    Never argue with an idiot. He brings you down to his level, then beats
    you with experience...


  17. Re: Will IE6 under Wine get infected?

    On Fri, 03 Oct 2008 21:28:11 +0200, Peter Khlmann wrote:
    >jellybean stonerfish wrote:


    >> On Fri, 03 Oct 2008 20:02:15 +0100, dennis@home wrote:
    >>
    >>> This all started because I said don't download an iso from a link in a
    >>> usenet post unless you know who it is and trust them. You then went on
    >>> to try and prove that it was safe to download random isos from unknown
    >>> posters.

    >>
    >> The creators of the original happy.iso post an md5sum on their site,
    >> next to the happy.iso, but their site is slow, so I only grab the md5sum
    >> from them, not the happy.iso. I search the web for happy.iso, and find a
    >> random site that offers a copy. This random site is fast, so I download
    >> happy.iso from them.
    >>
    >> I compare the md5sum from the happy.iso file I downloaded with the md5sum
    >> from the happy.iso creators. If they are the same md5sum, are you saying
    >> they might not be the same happy.iso?


    >Yes, MD5-dennis *is* that stupid.
    >Or, alternativly, that dishonest because his beloved toy-OS does not offer
    >even a tiny shred of security against tampered files


    He still buys his updates once every seven years in the form of a new
    computer.

  18. Re: Will IE6 under Wine get infected?

    On Fri, 3 Oct 2008 19:44:43 +0100, dennis@home wrote:


    >"jellybean stonerfish" wrote in message
    >newstoFk.57418$yU7.50057@newsfe19.ams2...
    >> On Fri, 03 Oct 2008 08:54:19 +0000, Christopher Hunter wrote:
    >>
    >>> dennis@home wrote:
    >>>
    >>>> I did demonstrate the flaw (well I posted proof that someone else had),
    >>>
    >>> No you didn't. Total BS as usual. **** off back to your useless
    >>> Windows, and leave the grown-ups alone.
    >>>
    >>> *PLONK*

    >>
    >> Can you post the proof for me, as I don't remember reading it before. I
    >> will be impartial, and tell you two who is right, then we can eliminate
    >> this part of the flame war, and get on to better arguments.
    >>


    >Its all on google.


    >


    liar.

    It's put up or shut up time.


  19. Re: Will IE6 under Wine get infected?



    "jellybean stonerfish" wrote in message
    news:RpuFk.5938$mh.717@newsfe29.ams2...
    > On Fri, 03 Oct 2008 19:44:43 +0100, dennis@home wrote:
    >
    >
    >>> Can you post the proof for me, as I don't remember reading it before.
    >>> I will be impartial, and tell you two who is right, then we can
    >>> eliminate this part of the flame war, and get on to better arguments.
    >>>
    >>>

    >> Its all on google.
    >>
    >>

    >
    > There are a lot of things "on google", this group is not.
    > You keep saying you posted proof, yet when asked to repost your proof,
    > you evade the answer.
    > I guess AZ Nomad was right when he said
    > "That will *never* happen. Denis is too much of a lazy "


    I found it using google, you can do the same.
    I don't keep a record of news groups for months so I can't post the message
    links.
    If you want to believe what AZ posted then feel free it makes no difference
    to the facts.
    >
    > stonerfish



  20. Re: Will IE6 under Wine get infected?



    "PeterKöhlmann" wrote in message
    news:48e67434$0$28902$9b4e6d93@newsspool1.arcor-online.net...
    > dennis@home wrote:
    >
    >>
    >>
    >> "PeterKöhlmann" wrote in message
    >> news:48e621cf$0$6583$9b4e6d93@newsspool4.arcor-online.net...
    >>> jellybean stonerfish wrote:
    >>>
    >>>> On Fri, 03 Oct 2008 08:54:19 +0000, Christopher Hunter wrote:
    >>>>
    >>>>> dennis@home wrote:
    >>>>>
    >>>>>> I did demonstrate the flaw (well I posted proof that someone else
    >>>>>> had),
    >>>>>
    >>>>> No you didn't. Total BS as usual. **** off back to your useless
    >>>>> Windows, and leave the grown-ups alone.
    >>>>>
    >>>>> *PLONK*
    >>>>
    >>>> Can you post the proof for me, as I don't remember reading it before.
    >>>> I
    >>>> will be impartial, and tell you two who is right, then we can eliminate
    >>>> this part of the flame war, and get on to better arguments.
    >>>
    >>> Search it yourself.
    >>> The theme has been discussed several times, as MD5-dennis is unable to
    >>> understand the difference between a "collision attack" and a "pre image
    >>> attack"

    >>
    >> Do you want to try again?
    >>
    >> I know full well what a pre-image and a collision attack are.

    >
    > Maybe *now* you have an idea. In the original thread several people tried
    > to
    > lecture you of those differences.
    >
    >> What you fail to grasp is that when you generate an MD5 sum you have no
    >> idea if a collision can be done with that file and sum.

    >
    > I know exactly that a collision can *not* be done.
    > As you have no control over the original file, you can't even do a
    > collision
    > attack. Do do a successful collision attack, you absolutely need control
    > over *both*


    Yet again you show that you just can't understand something very simple.
    I will say it very slowly.
    Unless you test your file you cannot know that a collision can't happen.
    You don't test so you don't know.
    You are wrong live with it.

    >> I even posted proof that someone had taken a file and then changed half
    >> of
    >> it to something else and kept the same MD5 sum.

    >
    >> That was a small file.

    >
    > No, you have not even understood *that* simple example correctly. You have
    > to alter *both* files to be able to generate a same MD5 sum for both.
    > *And*
    > you get no control over the resulting MD5 hash
    >
    >> Maths says that with a large file generating collisions becomes easier.
    >> And as we were discussing ISO images at the time they are pretty big
    >> compared to the example.

    >
    > Math says you are an idiot
    > Because the larger the files are, the longer it takes a generate a MD5 sum
    > for any given file, rendering collision attacks progressivly slower than
    > with short files


    Are you now claiming that there are collision attacks but it just takes
    time?
    Not long ago you were stating there were no collision attacks possible.

    BTW as you don't know what the method of attack is you don't know how long
    it will take.
    WEP took weeks, then days, now its a few minutes or less as different ways
    of exploiting the weakness have appeared.





+ Reply to Thread
Page 6 of 8 FirstFirst ... 4 5 6 7 8 LastLast