|
Steve (OP)
|
 |
June 18, 2011, 04:16:07 AM |
|
I'm sure it's only a matter of time before a virus targets the bitcoin executable. I was thinking it would be a good idea to check the md5sum as a precaution prior to running the client. I launch bitcoin from a shell script, so this check is pretty easy to add (replace "--help" with the params you use to launch bitcoin): #!/bin/bash
export EXPECTED_HASH="MD5 (bitcoin) = cff1d720be1387a5d443d7b7cb4a8e0a"
export HASH=`md5 bitcoin`
if [ "$HASH" == "$EXPECTED_HASH" ]; then
./bitcoin --help
else
echo Warning! The Bitcoin executable may have been tampered with!!!
fi
|
|
|
|
|
|
|
|
|
"This isn't the kind of software where we can leave so many unresolved bugs that we need a tracker for them." -- Satoshi
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
frozen
|
|
June 18, 2011, 05:12:32 AM |
|
Do you really have a command called "md5" on your system, or did you mean "md5sum" ?
Also... IMO, if you're going to do this (good idea), you might as well do the best that you can... md5 is comparatively easy to engineer collisions, so please consider using sha256sum or sha512sum
sha256sum bf5d80230534f4f71a73d74abfc73341f1ca8e000a8e506f7d84c94f7bfdba82
sha512sum 48090f098f51a036d2ab181419f6e5e754071cc45196b4a43114b0b47043cd40822eb6d7b124018 e4f5aa8ed7ae76459712cbb9fb0bc152c72c1bf49bbaed39a
Another way to combat this problem is to just name the binary something other than "bitcoin"
|
|
|
|
|
imperi
|
|
June 18, 2011, 05:13:31 AM |
|
Do you really have a command called "md5" on your system, or did you mean "md5sum" ?
Also... IMO, if you're going to do this (good idea), you might as well do the best that you can... md5 is comparatively easy to engineer collisions, so please consider using sha256sum or sha512sum
sha256sum bf5d80230534f4f71a73d74abfc73341f1ca8e000a8e506f7d84c94f7bfdba82
sha512sum 48090f098f51a036d2ab181419f6e5e754071cc45196b4a43114b0b47043cd40822eb6d7b124018 e4f5aa8ed7ae76459712cbb9fb0bc152c72c1bf49bbaed39a
Another way to combat this problem is to just name the binary something other than "bitcoin"
I bet he aliased 'md5sum' to 'md5'. Which is really funny because he couldn't remember 3 extra letters. |
|
|
|
|
|
Steve (OP)
|
|
June 18, 2011, 05:21:13 AM |
|
Yes, I do have an md5 executable...it might be an OSX or BSD thing. Curiously, it doesn't have md5sum. But it does have shasum...go figure. SHA would indeed be better than md5. Renaming is good too, but I suppose a attacker could scan the system looking for an executable that has bitcoin's hash.
|
|
|
|
|
frozen
|
|
June 18, 2011, 05:21:54 AM |
|
I bet he aliased 'md5sum' to 'md5'. Which is really funny because he couldn't remember 3 extra letters.
Tab completion: md5[tab] Also, a few pointers for your script. 1. You can drop the export keyword for the variables. 2. Use $() instead of ``, it's more visible: `md5sum bitcoin` == $(md5sum bitcoin) cat > bitcoin_check.sh << EOF
#!/bin/bash
BITCOIN=/home/frozen/bin/b_i_t_c_o_i_n
HASH=48090f098f51a036d2ab181419f6e5e754071cc45196b4a43114b0b47043cd40822eb6d7b124018e4f5aa8ed7ae76459712cbb9fb0bc152c72c1bf49bbaed39a
test "$(sha512sum $BITCOIN)" != "$HASH $BITCOIN" && echo BAD HASH && exit 1
$BITCOIN $@
EOF
|
|
|
|
|
stick_theman
|
|
June 18, 2011, 07:15:14 PM |
|
Good idea.
This should be a built-in feature for the default client before it runs. My angel is coming from ordinary moms and pops running windows. For BTC to take off, we really need more involvement from the general public.
|
|
|
|
|
|
frozen
|
|
June 18, 2011, 08:10:07 PM |
|
Good idea.
This should be a built-in feature for the default client before it runs. My angel is coming from ordinary moms and pops running windows. For BTC to take off, we really need more involvement from the general public.
If an attacker replaces the default client, he can do whatever he wants. |
|
|
|
titeuf_87
Member
 Offline
Activity: 111
Merit: 10
|
|
June 18, 2011, 08:11:28 PM |
|
Good idea.
This should be a built-in feature for the default client before it runs. My angel is coming from ordinary moms and pops running windows. For BTC to take off, we really need more involvement from the general public.
This is not really possible: if someone tampers with the binary, they'll change the checksum too. |
15kfBM3TQ4PGzL7cKncU3su2pH7ZJmiLtr
|
|
|
|
bcearl
|
|
June 18, 2011, 10:08:55 PM |
|
md5sum is not secure, use sha256sum or something like that instead.
|
Misspelling protects against dictionary attacks NOT
|
|
|
TonyHoyle
Newbie
Offline
Activity: 59
Merit: 0
|
|
June 18, 2011, 10:14:00 PM |
|
Good idea.
This should be a built-in feature for the default client before it runs. My angel is coming from ordinary moms and pops running windows. For BTC to take off, we really need more involvement from the general public.
This is not really possible: if someone tampers with the binary, they'll change the checksum too. On Windows (and OSX, but it's rarely used) you can sign the binary. If someone modifies it then it won't even run. Of course that doesn't stop someone completely replacing it... but then they could replace the script that checks the md5 too. |
|
|
|
|
|
