Re: Malicious Intent...technically possible?
- From: ddinaz@xxxxxxxxxxx (Dave Dickerson)
- Date: Sat, 28 Jan 2006 02:12:12 GMT
On Fri, 27 Jan 2006 16:25:01 GMT, bv@xxxxxxx (Bill Vermillion) wrote:
>In article <drd9gf$kad$1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
>Ian Wilson <scobloke2@xxxxxxxxxxxxx> wrote:
>>Dave Dickerson wrote:
>>> On 27 Jan 2006 00:20:01 -0500, Bela Lubkin <filbo@xxxxxxxxxx> wrote:
>>>
>>>
>>>>Jean-Pierre Radley wrote:
>>>>
>>>>
>>>>>Dave Dickerson typed (on Fri, Jan 27, 2006 at 03:22:41AM +0000):
>>>>>| Is this technically possible assuming the required skills are in
>>>>>| place?
>>>>>|
>>>>>| Say I'm familiar with the contents of your SCO OSR507 MP3 system and
>>>>>| there's data on your system I want to get but I don't want you to know
>>>>>| I've got it. So, I hatch a malicious plan.
>>>>>|
>>>>>| I give you a CD-R that contains software that you agree to install.
>>>>>| You are to return the CD back to me when you are finished with it.
>>>>>|
>>>>>| You mount the CD on your OSR507 MP3 box and run an included install
>>>>>| script. However, unknown to you, there was other software installed
>>>>>| on the system that gathers the data I seek and writes it back to an
>>>>>| unused section of the CD-R.
>>>>>|
>>>>>| I'm hearing that under certain conditions it may be possible to do
>>>>>| that write-back to a CD-R.
>>>>>
>>>>>I can't imagine any conditions on which you can write to a CD-R once
>>>>>you've done your first (and only) write followed by the fixating phase.
>>>>>I've tried to write to a non-virgin CD-R, never succeeded.
>>>>>
>>>>>| I'm not so sure and I'd like to hear your technical opinions on that
>>>>>| matter regarding OSR507/MP3.
>>>>>
>>>>>The operating system is irrelevant. So far as I know, CD-R means write
>>>>>once, read many.
>>>>
>>>>Multiple pieces can be written to a CD-R; it's called "multisession".
>>>>I've even seen it work on OSR5. Proper multisession writing involves
>>>>not doing the final fixation on the original write (i.e. when you do the
>>>>original write you have to _tell_ the writing software that you're
>>>>preparing for multisession).
>>>>
>>>>Dave's scheme is possible. I suspect the CD I/O would look a bit weird
>>>>if you were actually paying attention while it was going on, but yeah,
>>>>if you were handing a CD to a clueless admin you could probably arrange
>>>>something like this.
>>>>
>>>>There are probably a bunch of other easier ways that don't involve CD
>>>>writing. Starting with something like "could you run this command and
>>>>email me the output?"... The whole scheme hinges on the idea that the
>>>>recipient trusts you; if he trusts you then you can probably get him to
>>>>do just about anything that isn't blatant.
>>>>
>>>>
>>>>>Bela<
>>>
>>>
>>> The discussions I've been having are centered on the properties of a
>>> CD-R. The initial discussion was what I described above. Later,
>>> questions came up about the "re-writeability" of a CD that had been
>>> created by a burn process vs one that had been pressed. The claim was
>>> that a pressed CD is equivalent to filling in all the unused space
>>> with zeroes or some such thereby making the CD impervious to rewrite
>>> attempts.
>>>
>>> Any thoughts on that?
>
>>"Pressed" CDs have a different physical structure to CD-Rs and are
>>created using a completely different process.
>
>>CDs are read by shining a weak laser along a spiral track and
>>looking for changes in reflectivity. There are many different
>>ways to create those changes in reflectivity. One way is to press
>>microscopic pits into a thin layer of aluminium, another way
>>is to use a strong laser to burn dark spots into a layer of
>>inorganic dye.
>
>To correct a minor mis-impression here. They do not press
>pits into a thin layer of aluminum. The pits are molded into
>a plastic disk and then the disk - at this point just plastic - is
>taken into an environment where a thin layer of metal - usually
>aluminum sometimes gold - is put on the plastic to make it
>reflective.
>
>Bill
>--
>Bill Vermillion - bv @ wjv . com
All useful info. Thank you everyone!
DDinAZ