Re: Winzip's 256bit-AES encryption & self-extracting files
- From: "Sebastian G." <seppi@xxxxxxxxx>
- Date: Sun, 13 Jan 2008 20:27:52 +0100
Bakko wrote:
The "self-extracting" code can be modified i.e. in an MITM attack, and
so can malware code injected and run on the target machine.
VB.
Perhaps you haven't read my original post in this thread?
Perhaps you didn't read it yourself? Telling that you want to send your data via transfer of a physical media only came up later, and it doesn't mitigate this thread at all (since the attacker can read out the physical media, modify the data and write them to a new media).
And you never ever bothered about verifying its integrity via any means, so this attack should be considered seriously.
.
- References:
- Re: Winzip's 256bit-AES encryption & self-extracting files
- From: Volker Birk
- Re: Winzip's 256bit-AES encryption & self-extracting files
- From: Bakko
- Re: Winzip's 256bit-AES encryption & self-extracting files
- Prev by Date: Re: Winzip's 256bit-AES encryption & self-extracting files
- Next by Date: Re: Google's gonna hate this!
- Previous by thread: Re: Winzip's 256bit-AES encryption & self-extracting files
- Next by thread: Google's gonna hate this!
- Index(es):
