Matasano Chargen - Latest Comments in Alastair Houghton Debunks LMH MOKB Findinghttp://matasanochargen.disqus.com/enThu, 07 Dec 2006 16:24:17 -0000Re: Alastair Houghton Debunks LMH MOKB Findinghttp://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/#comment-2321194Well, from a system administration perspective, disk image containers have a lot of advantages for different usage scenarios.<br><br>That’s not to say that there aren’t risks associated with them—because it looks like there’s evidence that there is or will be—but the risk sounds like it’s just simply much worse when they are traded across the ’net. They're now being used for general purposes rather than being confined to local computers for specific purposes.HistrionicThu, 07 Dec 2006 16:24:17 -0000Re: Alastair Houghton Debunks LMH MOKB Findinghttp://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/#comment-2321193I don't know enough about them, but I know enough to say this: the right way to do this is to use a fixed format like ISO9660, and the absolute wrong way to do is is to make disk images a metaformat with client-selectable filesystems.<br><br>Downloadable disk images and actual disks have radically different requirements; actual disks have to do all sorts of work to handle constant modification and keep coherent state. This is why I think disk images are dumb idea to begin with.Thomas PtacekThu, 07 Dec 2006 15:29:41 -0000Re: Alastair Houghton Debunks LMH MOKB Findinghttp://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/#comment-2321192Is it likely that this will be a problem for WIM disk images on Windows Vista, as well?HistrionicThu, 07 Dec 2006 12:46:38 -0000Re: Alastair Houghton Debunks LMH MOKB Findinghttp://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/#comment-2321191It's worth saying that (I think) it would take me less time now to do the same thing again, and I'd expect someone with significant experience inside the Mac OS X kernel (especially IOKit) wouldn't take so long either.alastairThu, 07 Dec 2006 09:38:36 -0000Re: Alastair Houghton Debunks LMH MOKB Findinghttp://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/#comment-2321190Alastair's post is a good commentary on the problem of vulnerability information management, and the amount of trust people put into refined information sources. If it took 3 days to verify an issue, it shows how resource-intensive (read: impossible) it would be for an information source to personally verify every single claim out there.Steve ChristeyWed, 06 Dec 2006 18:41:48 -0000Re: Alastair Houghton Debunks LMH MOKB Findinghttp://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/#comment-2321189Here's the link to Alastair's post:<br><br><a href="http://alastairs-place.net/2006/11/dmg-vulnerability/" rel="nofollow">http://alastairs-place.net/2006/11/dmg-vulnerab...</a>anonymousThu, 30 Nov 2006 13:23:12 -0000Re: Alastair Houghton Debunks LMH MOKB Findinghttp://www.matasano.com/log/633/alastair-houghton-debunks-lmh-mokb-finding/#comment-2321188Apology accepted, thank-you. (It wasn't really necessary; I'm not easily offended.)alastairThu, 30 Nov 2006 13:14:04 -0000