[tor-bugs] #5837 [Quality Assurance and Testing]: Use IDA Pro and/or BinDiff to inspect releases

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Aug 7 13:45:27 UTC 2012


#5837: Use IDA Pro and/or BinDiff to inspect releases
-------------------------------------------+--------------------------------
 Reporter:  mikeperry                      |          Owner:  cypherpunks
     Type:  project                        |         Status:  new        
 Priority:  major                          |      Milestone:             
Component:  Quality Assurance and Testing  |        Version:             
 Keywords:  volunteer                      |         Parent:  #5292      
   Points:                                 |   Actualpoints:             
-------------------------------------------+--------------------------------

Comment(by tom):

 Replying to [comment:24 erinn]:
 > Is there anything I can do to help here? Would it be useful for me to
 > rebuild that tag to see if I get differences from the same build machine?

 Because the end goal is determining whether or not the build process is
 tampered with, performing bindiffs will not do it.  There are techniques
 to backdoor a binary without modifying the primary code (via DWARF
 exception chains.  I'm sure there are others.)  It'd have to be via hash
 matches or a different comparison process.

 However, I think step 1 to getting identical binaries from two build
 machines is getting identical assembly.  So if anyone can post binaries
 from two different machines that were built with the same compiler flags
 ''and the same compiler version'' I (or anyone) could do the bindiff
 process again and we can see how close that gets us.  It may be necessary
 to use the compiler options mentioned in #3688.

 As it is, the quantity of changes seen above makes it unrealistic for a
 manual diff comparison.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5837#comment:25>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
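
An added illustration of the comment's point, not code from the ticket or from the Tor Project: two builds whose code section is byte-identical can still differ in exception-handling metadata, which a whole-file hash flags and a code-only comparison misses. The helper names and both tiny ELF64 images are constructed for this example.

```python
import hashlib
import struct

SHDR = "<IIQQQQIIQQ"  # ELF64 little-endian section header, 64 bytes

def build_elf(sections):
    """Build a minimal ELF64 image from {name: bytes} (constructed sample, not a real binary)."""
    names, bodies, headers, offset = b"\0", b"", [b"\0" * 64], 64
    for name, data in list(sections.items()) + [(".shstrtab", None)]:
        name_off = len(names)
        names += name.encode() + b"\0"
        data = names if data is None else data  # .shstrtab holds every section name
        sh_type = 3 if name == ".shstrtab" else 1  # SHT_STRTAB / SHT_PROGBITS
        headers.append(struct.pack(SHDR, name_off, sh_type, 0, 0, offset, len(data), 0, 0, 1, 0))
        bodies += data
        offset += len(data)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01", 1, 62, 1, 0, 0,
                       offset, 0, 64, 0, 0, 64, len(headers), len(headers) - 1)
    return ehdr + bodies + b"".join(headers)

def section_hashes(image):
    """Return {section name: SHA-256 hex digest} for an ELF64 little-endian image."""
    if image[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not an ELF64 little-endian image")
    shoff, = struct.unpack_from("<Q", image, 0x28)
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", image, 0x3A)
    hdr = lambda i: struct.unpack_from(SHDR, image, shoff + i * shentsize)
    str_off, str_size = hdr(shstrndx)[4:6]
    strtab = image[str_off:str_off + str_size]
    out = {}
    for i in range(1, shnum):  # index 0 is the null section header
        name_off, sh_type, _, _, off, size = hdr(i)[:6]
        name = strtab[name_off:strtab.index(b"\0", name_off)].decode()
        data = b"" if sh_type == 8 else image[off:off + size]  # SHT_NOBITS has no file bytes
        out[name] = hashlib.sha256(data).hexdigest()
    return out

def compare_builds(a, b):
    """Whole-file hash verdict plus the names of the sections whose contents differ."""
    ha, hb = section_hashes(a), section_hashes(b)
    return {
        "file_match": hashlib.sha256(a).digest() == hashlib.sha256(b).digest(),
        "differing_sections": sorted(n for n in ha.keys() | hb.keys() if ha.get(n) != hb.get(n)),
    }

TEXT = b"\x55\x48\x89\xe5\x5d\xc3"  # constructed code bytes, identical in both builds
BUILD_A = build_elf({".text": TEXT, ".eh_frame": b"\x14\0\0\0\0\0\0\0\x01zR\0"})
BUILD_B = build_elf({".text": TEXT, ".eh_frame": b"\x14\0\0\0\0\0\0\0\x01zP\0"})

if __name__ == "__main__":
    print(compare_builds(BUILD_A, BUILD_B))
```
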

