Collaborate Disseminate
In the three or four decades since storing programs on audio cassettes has been relevant, a lot of irreplaceable personal computing history has been lost to the ravages of time …read more Continue reading Persistence Pays in TI-99/4A Cassette Tape Data Recovery
Is it possible to generate a file with a given sha256sum checksum?
That is, reverse the process of a sha256sum checksum. That is, if we have a checksum, can we generate txt file data (need not be original) whose its checksum is equal to th… Continue reading Is it possible to generate a file with a given sha256sum checksum?
A server gets requests with a username and password. Checking the password can be expensive, so a hacker can do a DoS attack by sending lots of requests with random passwords. No attempt to break in, just trying to waste time on the serve… Continue reading Avoid checking passwords for dos attacks
Assuming I have secret data that is encrypted (using sops for example) and a checksum of the secret data for change detection: Is it possible to derive secret information from the checksum or should the checksum also be encrypted?
I would … Continue reading Can the secret be derived from the checksum? Should the checksum be encrypted?
I am under the assumption that large parts of the internet are under supply-chain MITM attacks all the time. I’m wondering what’s the best way of reliably ensuring the integrity of system packages, etc.
I’d like to get my packages from mul… Continue reading Best Way to Reliably Performing Checksums Assuming Entire Internet is Compromised
is it practically possible to ensure that the integrity of an ISO image for an OS is legit with 99.999% certainty?
I was thinking of buying a bunch of DVDs of Ubuntu 22.04 on eBay and comparing the checksums. Would the checksums match up i… Continue reading Bulletproof Way of Ensuring the Integrity of Base OS Images [closed]
I am writing a cloud backup system, and want to use a checksum to know if a file has been modified, and accordingly sync it with the server.
This question shows that xxHash is super fast, and this shows that it is significantly worse in te… Continue reading Good checksum algorithm for backup / cloud sync system
Alternatively, the question could be asked: Does issuing a checksum for a file we sign anyways just duplicate work?
Use case: Firmware sent to an IoT device. We sign it, and form a separate checksum for it.
My understanding is that this is… Continue reading Is signing a file better than issuing a checksum, and does it render a separate checksum useless?
As I understand, some IoT devices verify the integrity of firmware updates downloaded from the internet using the checksum of the file before installing the update, making it impossible for attackers to perform a man-in-the-middle attack a… Continue reading How do IoT devices know the checksum of firmware upgrades?
It seems the latest version of CloudFormation binaries used on EC2 Windows instances are reported as NOT legit by VirusTotal.
Mainly cfn-elect-cmd-leader.exe" and "winhup.exe"
https://www.virustotal.com/gui/file/a2f09c6a1f7d… Continue reading Latest AWS Windows Cloud Formation bootstrap binaries are not legit?