[PLUG-TALK] Grizzly Steppe

Keith Lofstrom keithl at kl-ic.com
Fri Dec 30 22:32:23 UTC 2016


On Fri, 30 Dec 2016, Keith Lofstrom wrote:
> Could someone with more security skills than I download those
> files to a test machine and look for security exploits, then post
> the tested copies with checksums on a trustworthy download site?
> ...
> I also don't trust that identical content will be served to every
> IP address requesting those files.
> ...

On Fri, Dec 30, 2016 at 02:02:19PM -0500, Paul Heinlein wrote:
> FWIW
> ...
> Below my sig is the content of the JAR run through pdftotext and
> then through fmt. No other editing or reformatting was done, so
> whitespace and line breaks don't always lend themselves to clarity.
> Plus, any embedded images have been dropped.
> ...

Thanks, Paul, though I probably wasn't clear.

Indeed, I can look at such files with open source tools
in a virtual instance of an open source OS, and I can be
reasonably confident that malware will not leap out of
the rendered pixels and eat my host OS.  

No, my concern is that malware, perhaps steganographically
hidden in an image or "rich text", could be targeted at
particular windows/mac/android systems.  Not that that has
ever ever happened before ... cough cough stuxnet cough.

I do not have the skills to detect such exploits, merely
the powerful open source tools to protect myself.  The
vast majority does not use our tools.

I'm not worried for myself.  Although I have attended
parties with NSA brass (my wife grew up in a bedroom 
community for them), I don't think I did anything to
get on their shitlist (perhaps this qualifies).  I am
told that the TLA agencies have quite a shitlist, and
the means to quietly distribute shit to the list-ees.

Looking out for the public is among our duties as
professionals.  That's why scrutinizing closed-source
but official documents, and helping our fellow citizens
make sure they have the same scrutinized version of the
documents, is one of the contributions we can make to a
free society.

Keith

-- 
Keith Lofstrom          keithl at keithl.com



More information about the PLUG-talk mailing list