Profile picture
Michal Stanek
@3lbios
, 9 tweets, 6 min read Read on Twitter
So I wanted to encrypt some files. Thought about using 7z+password. Stackexchange folks said "Didn't review it but it should be fine. You can browse the code yourself". So I did. After a few mins I noticed they use 8byte "random" IV. Yes, half of IV is zeroes. But it gets worse.
Aside from the fact that 7z XORs plaintext with zeroes, I was curious about the "RandomGenerator" which generates IV. That's when I vomited. The first comments say "This is not very good random number generator. Please use it only for salt." It is not used only for salt.
Yes, it uses PID and time(null) as seed. Yes, this is 7zip's random generation code running on your computers in 2019. More "cursed" code below. #7zip #encryption #facepalm #randomness #entropy #RNG #crypto #cryptofail
Now that was just the Init() of RandomGenerator which happens once, the next random values are generated as shown here. Yep, it mixes in a totally random hardcoded salt to previous SHA256 state. Then returns up to 16 "random bytes". Doesn't check that 'size' argument < 16.
And there you have it folks. Open-source "many eyes have looked at it for years so it must be secure" crypto code. AES256-CBC but supplied with IVs half of which are zeroes, and the other generated by a toy RNG. That's just from a 30min review. #7zip #7z #opensource #FOSS #crypto
If you think it's better to use zip encryption instead of 7z in 7zip, here's a recent @whitequark tweet to prove you wrong:
I thought about reporting this at 7zip Sourceforge forums but then I vomited again when I saw a long thread of largely incoherent exchanges on how 7z should be using Twofish instead of AES-256 because obviously NSA backdoored AES back in 2001 didn't you hear
Seems typical of crypto/security code reviews in general - a bunch of folks fighting over which hipster encryption/hashing/signing algos to use, while overlooking the most obvious vulns and holes visible to anyone with half a brain and a few mins to spare. End of rant. #security
Reported the bug here: sourceforge.net/p/sevenzip/bug…
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Michal Stanek
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#7zip #encryption #facepalm #randomness #entropy #RNG #crypto #cryptofail #7z #opensource #FOSS #security

Related threads

Profile picture
Fernando Botto, MD 🇦🇷
@ferbotto
@alavallecobo @gonzaeperez @jpcostabel @KohanAndres @paomorejon @rafavidalperez @edurontoFF @Borjaibanez1 @Cardio_delaGuia @ValleAlfonso @ESC_Journals @j_alvarezgarcia @SIAC_cardio @lamelaspablo @dresalmeri Si revisan el paper original de #MINS en bit.ly/2IniRQQ verán q excluímos las causas NO isquémicas para transformarlo en un SCA postop y q tenga una línea terapéutica dirigida y diferente de las otras causas de elevación de Tn. Sigue...
@alavallecobo @gonzaeperez @jpcostabel @KohanAndres @paomorejon @rafavidalperez @edurontoFF @Borjaibanez1 @Cardio_delaGuia @ValleAlfonso @ESC_Journals @j_alvarezgarcia @SIAC_cardio @lamelaspablo @dresalmeri Si conocen otra entidad como MINS con un HR de casi 4 para MORTALIDAD TOTAL UNICAMENTE a 30 días, con un PAR de 34%, entonces entenderé a quienes dicen "MINS no existe". Respecto al Dabigatran (MANAGE Trial, Lancet 2018) entiendo q funciona como una "prueba de concepto" ...sigue
@alavallecobo @gonzaeperez @jpcostabel @KohanAndres @paomorejon @rafavidalperez @edurontoFF @Borjaibanez1 @Cardio_delaGuia @ValleAlfonso @ESC_Journals @j_alvarezgarcia @SIAC_cardio @lamelaspablo @dresalmeri que sustenta la causa "trombótica" de MINS y se transforma en la 1er evidencia existente en este "SCA postop" de que anticoagular es útil, entre otras cosas. La cardiología SIEMPRE miró para el otro lado en el postop de Cx No Cardíaca, y parece q con nueva evidencia ... sigue
Read 6 tweets
Profile picture
ニツア
@YenohNitsua
If I’m Stalin... then..
Alt definitions for GULAG

@Google
@Twitter
@facebook
@amazon

#CODE yourself into Stalin’s future past
@jack all your tweeters belong to us now..
Read 5 tweets
Profile picture
Samuel Vimaire ᵠ - No #FakeScience !
@SVimaire
[Thread]#Zététique et #Politique
Oui, c'est un peu chaud de mélanger les deux alors je vais essayer de pas trop dire de conneries, n'hésitez pas à me corriger (de façon constructive) si vous voyez quelque chose qui cloche.
Je suis foncièrement de #gauche et attaché à la méthode scientifique. Je ne reconnais pas de hiérarchie "naturelle" entre les êtres humains, j'estime qu'il n'y a pas de "self made man" parce que personne ne pourrait "réussir" sans le reste d'une société.
Par conséquent, je suis actuellement sympathisant de la @FranceInsoumise, ses propositions sociales et sociétales me correspondent complètement. J'estime que c'est actuellement le seul mouvement politique à pouvoir mettre en place un gouvernement (vraiment) de gauche.
Read 15 tweets
Profile picture
Pauli Ohukainen
@POhukainen
Thread alert! Atherosclerosis (official journal of @society_eas) publishes a #review on #TraditionalChineseMedicine (#TCM). It's simultaneously a bit frightening and hilarious (1/16)

atherosclerosis-journal.com/article/S0021-…
First of all, TCM is BS. It may have been useful thousands of years ago when nothing was known about science but nowadays we know better. Besides, "modern TCM" was pretty much invented by Chairman Mao in the 50's: slate.com/articles/healt… (2/16)
Look at this terrifying aim of the review! "WHAT IS NECESSARY FOR TCM TO SPREAD TO WESTERN SOCIETIES". Ideological bias, much? (3/16)
Read 16 tweets
Profile picture
Zen Black
@z3nblack
This is a window into a unique journey... a road less traveled.

You’ll find stories, realizations & observations from different periods of my life over the last 11 yrs.

The journey's been deep, wide, intense...

But most of all, it's been soul shaping.
tinyurl.com/pwr1nt
Had been a brutal few weeks. It was getting increasingly hard to find a safe, quiet place to sleep. Winter & homelessness were quite the combo.

I was on edge.

Then.. quite randomly at a coin laundry, one of those normally useless ads caught my eye.
tinyurl.com/pwr2nt
The library was closed by now. It seemed illogical to go, yet there was the whisper again.

As I got close to the library I noticed someone curled up in a corner. It was Irene: A 60-yr old Polish woman fallen on hard times.

I had to do something for her..
tinyurl.com/pwr3nt
Read 7 tweets
Profile picture
Taylor Richey
@TheTaylorRichey
0s and 1s commonly create speech that courts use -- that means precedence is set. #Code is speech -- they're languages made of bits! Point being, ISPs shouldn't be allowed to deny computer speech from being seen by others. #NetNeutrality

Evidence in thread:
#NetNeutrality Evidence case 1: Bradley v. State: @Facebook evidence used to ID assailants and other witnesses. Its compelling because translated bits were used to ID people. It proves third party intermediary bits translated into media are used by courts. scholar.google.com/scholar_case?c…
#SaveNetNeutrality Evidence case 2: Homeland Security v. Twitter: @DHSgov seized data that was digitized and sent to intermediary @Twitter. Twitter sued its an ongoing investigation. Regardless, It appears consumer's translated bits were treated as speech? clearinghouse.net/detail.php?id=…
Read 11 tweets

Trending hashtags

#SESSA #tears #SICK #ATTACKS #directfiled #TORPEDO #backwards #chumpchange #cunt #shitshow #son #bitcoin #RedTeam #fishy #LIE #REDDIT #Selfie #WRONG #email #movie #Pathology #POLICE #TrashterpieceTheater #6thJudicalCircuit #Jursidiction
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!