Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 2 Sep 2011 08:47:01 -0500
From: "jfoug" <jfoug@....net>
To: <john-dev@...ts.openwall.com>
Subject: jumbo-6 (my status report)

I had mentioned that I was done with all development going towards j6.  This
is no longer true.  Thus, it would be smart to not try to move J6 forward at
this time (or if we do, to remove the pkzip, and keep it as a 'after jumbo'
patch).

 

I am working on making changes to the pkzip format.  It may actually change
the 'format' of the hash lines. So, we may want to hold up j6 for a short
while, while some research is being done.  I would rather not see the format
put out to the general public, and then have the signature/layout of the
format line change.

 

It is possible that the ascii 'quick check' may be removed.  It has been
really hard to get it to not give false negatives, and there have been other
difficulties.  It may be able to be replaced with some better logic on the
'full' decrypt/inflate/checksum code.

 

Ascii mode was put in as a heuristic optimization.  However, hacking on it
again and again to have it 'avoid' false negatives, and never knowing if we
really have gotten them all, causes a different approach to be looked into.
Also, the fact that if there IS no known ascii file in there (and we also
have looked into adding many other 'magic' file signatures into this quick
check), that we need to have the full test work faster for us.

 

Jim.

 

 


[ CONTENT OF TYPE text/html SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ