Re: [tor-bugs] #5837 [Quality Assurance and Testing]: Use IDA Pro and/or BinDiff to inspect releases
#5837: Use IDA Pro and/or BinDiff to inspect releases
-------------------------------------------+--------------------------------
Reporter: mikeperry | Owner: cypherpunks
Type: project | Status: new
Priority: major | Milestone:
Component: Quality Assurance and Testing | Version:
Keywords: volunteer | Parent: #5292
Points: | Actualpoints:
-------------------------------------------+--------------------------------
Comment(by tom):

Replying to [comment:24 erinn]:
> Is there anything I can do to help here? Would it be useful for me to
> rebuild that tag to see if I get differences from the same build machine?

Because the end goal is determining whether or not the build process is
tampered with, performing bindiffs will not do it. There are techniques
to backdoor a binary without modifying the primary code (via DWARF
exception chains. I'm sure there are others.) It'd have to be via hash
matches or a different comparison process.

However, I think step 1 to getting identical binaries from two build
machines is getting identical assembly. So if anyone can post binaries
from two different machines that were built with the same compiler flags
''and the same compiler version'' I (or anyone) could do the bindiff
process again and we can see how close that gets us. It may be necessary
to use the compiler options mentioned in #3688.

As it is, the quantity of changes seen above makes it unrealistic for a
manual diff comparison.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5837#comment:25>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
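
The hash-based comparison the comment calls for, as an added example that is not part of the original message or of Tor's tooling: the whole-file SHA-256 decides whether two builds match, and per-section hashes show where a mismatch lives, including sections a code-only diff would skip such as `.eh_frame`. The function names and the tiny ELF64 sample images are constructed for illustration, and the parser assumes little-endian ELF64 input.

```python
import hashlib
import struct

SHDR = "<IIQQQQIIQQ"  # ELF64 section header layout, 64 bytes

def section_hashes(data):
    """Map section name -> SHA-256 of its file bytes (little-endian ELF64 only)."""
    if data[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    shoff = struct.unpack_from("<Q", data, 0x28)[0]
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", data, 0x3A)
    hdrs = [struct.unpack_from(SHDR, data, shoff + i * shentsize) for i in range(shnum)]
    strtab = data[hdrs[shstrndx][4]:hdrs[shstrndx][4] + hdrs[shstrndx][5]]
    hashes = {}
    for name_off, sh_type, _, _, offset, size, *_ in hdrs:
        if sh_type == 0:  # SHT_NULL placeholder entry
            continue
        name = strtab[name_off:strtab.index(b"\0", name_off)].decode()
        # SHT_NOBITS (8) sections such as .bss occupy no bytes in the file
        body = b"" if sh_type == 8 else data[offset:offset + size]
        hashes[name] = hashlib.sha256(body).hexdigest()
    return hashes

def compare_builds(a, b):
    """Return (files_identical, differing_section_names).

    The whole-file hash is the verdict; section hashes only localise a mismatch.
    """
    ha, hb = section_hashes(a), section_hashes(b)
    differing = sorted(n for n in ha.keys() | hb.keys() if ha.get(n) != hb.get(n))
    return hashlib.sha256(a).digest() == hashlib.sha256(b).digest(), differing

def build_sample(eh_frame):
    """Constructed, non-loadable ELF64 image: fixed .text, caller-supplied .eh_frame."""
    names = b"\0.text\0.eh_frame\0.shstrtab\0"
    blob, hdrs = b"", [bytes(64)]
    for name, sh_type, body in ((b".text", 1, b"\x31\xc0\xc3"),
                                (b".eh_frame", 1, eh_frame),
                                (b".shstrtab", 3, names)):
        hdrs.append(struct.pack(SHDR, names.index(name), sh_type, 0, 0,
                                64 + len(blob), len(body), 0, 0, 1, 0))
        blob += body
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 1, 62, 1, 0, 0, 64 + len(blob), 0, 64, 0, 0, 64, len(hdrs), 3)
    return ehdr + blob + b"".join(hdrs)

if __name__ == "__main__":
    build_a = build_sample(bytes(24))            # constructed sample data
    build_b = build_sample(bytes(23) + b"\x01")  # same .text, one byte changed elsewhere
    print(compare_builds(build_a, build_b))
```
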