
Topic: Check md5sum before running bitcoin (Read 1446 times)

newbie
Activity: 59
Merit: 0
June 18, 2011, 05:14:00 PM
#10
Good idea.

This should be a built-in feature for the default client before it runs.  My angle is coming from ordinary moms and pops running Windows.  For BTC to take off, we really need more involvement from the general public.

This is not really possible: if someone tampers with the binary, they'll change the checksum too.

On Windows (and OSX, but it's rarely used) you can sign the binary.  If someone modifies it then it won't even run.

Of course that doesn't stop someone completely replacing it... but then they could replace the script that checks the md5 too.
full member
Activity: 168
Merit: 103
June 18, 2011, 05:08:55 PM
#9
md5sum is not secure, use sha256sum or something like that instead.
member
Activity: 111
Merit: 10
June 18, 2011, 03:11:28 PM
#8
Good idea.

This should be a built-in feature for the default client before it runs.  My angle is coming from ordinary moms and pops running Windows.  For BTC to take off, we really need more involvement from the general public.

This is not really possible: if someone tampers with the binary, they'll change the checksum too.
full member
Activity: 196
Merit: 100
June 18, 2011, 03:10:07 PM
#7
Good idea.

This should be a built-in feature for the default client before it runs.  My angle is coming from ordinary moms and pops running Windows.  For BTC to take off, we really need more involvement from the general public.

If an attacker replaces the default client, he can do whatever he wants.
sr. member
Activity: 372
Merit: 250
June 18, 2011, 02:15:14 PM
#6
Good idea.

This should be a built-in feature for the default client before it runs.  My angle is coming from ordinary moms and pops running Windows.  For BTC to take off, we really need more involvement from the general public.
full member
Activity: 196
Merit: 100
June 18, 2011, 12:21:54 AM
#5
I bet he aliased 'md5sum' to 'md5'. Which is really funny because he couldn't remember 3 extra letters.

Tab completion: md5[tab]

Also, a few pointers for your script.

1. You can drop the export keyword for the variables.
2. Use $() instead of ``, it's more visible: `md5sum bitcoin` == $(md5sum bitcoin)

Code:
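cat > bitcoin_check.sh << 'EOF'
#!/bin/bash
# Quoted 'EOF' above keeps $(...), $BITCOIN and $@ literal while the script is written out.
BITCOIN=/home/frozen/bin/b_i_t_c_o_i_n
HASH=48090f098f51a036d2ab181419f6e5e754071cc45196b4a43114b0b47043cd40822eb6d7b124018e4f5aa8ed7ae76459712cbb9fb0bc152c72c1bf49bbaed39a
# sha512sum prints "<digest>  <file>"; compare only the digest field.
ACTUAL=$(sha512sum "$BITCOIN" | cut -d' ' -f1)
test "$ACTUAL" != "$HASH" && echo BAD HASH && exit 1
"$BITCOIN" "$@"
EOF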
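
A portable form of the check discussed in this thread, as an added example that is not code from any poster: it pins a SHA-256 digest, works with either `sha256sum` or the `shasum` tool mentioned for OS X, and refuses to launch on any failure. The function names `sha256_of`, `verify_pinned` and `launch_if_ok` are hypothetical, and the path and digest in the usage comment are placeholders.

```sh
#!/bin/sh
# Added example: pinned SHA-256 check before launching a binary.

# Print the SHA-256 hex digest of a file with whichever tool is installed:
# sha256sum (GNU coreutils) or shasum (OS X / BSD).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | cut -d' ' -f1
    else
        return 127
    fi
}

# verify_pinned FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 if FILE is missing or unreadable,
# 3 if EXPECTED_HEX is not 64 hex characters (for example an MD5 value),
# 127 if no hashing tool is available.
verify_pinned() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] && [ -r "$file" ] || return 2
    case $expected in
        *[!0-9a-f]*|'') return 3 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 3
    actual=$(sha256_of "$file") || return 127
    [ "$actual" = "$expected" ]
}

# launch_if_ok FILE EXPECTED_HEX [ARGS...]
# Runs FILE with ARGS only when the digest matches; otherwise returns 1.
launch_if_ok() {
    target=$1; pinned=$2; shift 2
    if verify_pinned "$target" "$pinned"; then
        "$target" "$@"
        return $?
    fi
    echo "refusing to run $target: digest check failed" >&2
    return 1
}

# Usage (placeholders): launch_if_ok /path/to/bitcoin <64-hex-digest> --help
```

The check only has value when this script and the pinned digest are stored where the account running the client cannot modify them, which is the limitation raised in post #10.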

hero member
Activity: 868
Merit: 1008
June 18, 2011, 12:21:13 AM
#4
Yes, I do have an md5 executable...it might be an OSX or BSD thing.  Curiously, it doesn't have md5sum.  But it does have shasum...go figure.  SHA would indeed be better than md5.  Renaming is good too, but I suppose an attacker could scan the system looking for an executable that has bitcoin's hash.
full member
Activity: 196
Merit: 101
June 18, 2011, 12:13:31 AM
#3
Do you really have a command called "md5" on your system, or did you mean "md5sum" ?

Also... IMO, if you're going to do this (good idea), you might as well do the best that you can... md5 is comparatively easy to engineer collisions, so please consider using sha256sum or sha512sum

sha256sum bf5d80230534f4f71a73d74abfc73341f1ca8e000a8e506f7d84c94f7bfdba82
sha512sum 48090f098f51a036d2ab181419f6e5e754071cc45196b4a43114b0b47043cd40822eb6d7b124018e4f5aa8ed7ae76459712cbb9fb0bc152c72c1bf49bbaed39a

Another way to combat this problem is to just name the binary something other than "bitcoin"

I bet he aliased 'md5sum' to 'md5'. Which is really funny because he couldn't remember 3 extra letters.
full member
Activity: 196
Merit: 100
June 18, 2011, 12:12:32 AM
#2
Do you really have a command called "md5" on your system, or did you mean "md5sum" ?

Also... IMO, if you're going to do this (good idea), you might as well do the best that you can... md5 is comparatively easy to engineer collisions, so please consider using sha256sum or sha512sum

sha256sum bf5d80230534f4f71a73d74abfc73341f1ca8e000a8e506f7d84c94f7bfdba82
sha512sum 48090f098f51a036d2ab181419f6e5e754071cc45196b4a43114b0b47043cd40822eb6d7b124018e4f5aa8ed7ae76459712cbb9fb0bc152c72c1bf49bbaed39a

Another way to combat this problem is to just name the binary something other than "bitcoin"
hero member
Activity: 868
Merit: 1008
June 17, 2011, 11:16:07 PM
#1
I'm sure it's only a matter of time before a virus targets the bitcoin executable.  I was thinking it would be a good idea to check the md5sum as a precaution prior to running the client.  I launch bitcoin from a shell script, so this check is pretty easy to add (replace "--help" with the params you use to launch bitcoin):

Code:
#!/bin/bash
export EXPECTED_HASH="MD5 (bitcoin) = cff1d720be1387a5d443d7b7cb4a8e0a"
export HASH=`md5 bitcoin`
if [ "$HASH" == "$EXPECTED_HASH" ]; then
    ./bitcoin --help
else
    echo Warning! The Bitcoin executable may have been tampered with!!!
fi