Re: Malicious Intent...technically possible?
- From: ddinaz@xxxxxxxxxxx (Dave Dickerson)
- Date: Fri, 27 Jan 2006 13:10:20 GMT
On 27 Jan 2006 00:20:01 -0500, Bela Lubkin <filbo@xxxxxxxxxx> wrote:
>Jean-Pierre Radley wrote:
>
>> Dave Dickerson typed (on Fri, Jan 27, 2006 at 03:22:41AM +0000):
>> | Is this technically possible assuming the required skills are in
>> | place?
>> |
>> | Say I'm familiar with the contents of your SCO OSR507 MP3 system and
>> | there's data on your system I want to get but I don't want you to know
>> | I've got it. So, I hatch a malicious plan.
>> |
>> | I give you a CD-R that contains software that you agree to install.
>> | You are to return the CD back to me when you are finished with it.
>> |
>> | You mount the CD on your OSR507 MP3 box and run an included install
>> | script. However, unknown to you, there was other software installed
>> | on the system that gathers the data I seek and writes it back to an
>> | unused section of the CD-R.
>> |
>> | I'm hearing that under certain conditions it may be possible to do
>> | that write-back to a CD-R.
>>
>> I can't imagine any conditions on which you can write to a CD-R once
>> you've done your first (and only) write followed by the fixating phase.
>> I've tried to write to a non-virgin CD-R, never succeeded.
>>
>> | I'm not so sure and I'd like to hear your technical opinions on that
>> | matter regarding OSR507/MP3.
>>
>> The operating system is irrelevant. So far as I know, CD-R means write
>> once, read many.
>
>Multiple pieces can be written to a CD-R; it's called "multisession".
>I've even seen it work on OSR5. Proper multisession writing involves
>not doing the final fixation on the original write (i.e. when you do the
>original write you have to _tell_ the writing software that you're
>preparing for multisession).
>
>Dave's scheme is possible. I suspect the CD I/O would look a bit weird
>if you were actually paying attention while it was going on, but yeah,
>if you were handing a CD to a clueless admin you could probably arrange
>something like this.
>
>There are probably a bunch of other easier ways that don't involve CD
>writing. Starting with something like "could you run this command and
>email me the output?"... The whole scheme hinges on the idea that the
>recipient trusts you; if he trusts you then you can probably get him to
>do just about anything that isn't blatant.
>
>>Bela<

The discussions I've been having are centered on the properties of a
CD-R. The initial discussion was what I described above. Later,
questions came up about the "re-writeability" of a CD that had been
created by a burn process vs one that had been pressed. The claim was
that a pressed CD is equivalent to filling in all the unused space
with zeroes or some such thereby making the CD impervious to rewrite
attempts.

Any thoughts on that?

DDinAZ