Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Auditing of Auto-Update of software commonly used by Human Rights Defenders

Fabio Pietrosanti (naif) lists at
Wed Jun 4 05:07:36 PDT 2014

Il 5/15/14, 11:47 PM, Tom Ritter ha scritto:
> On 14 May 2014 23:36, Fabio Pietrosanti (naif) <lists at> wrote:
>> i think that would be very important to organize a project to Audit the
>> functionalities of Auto-Update of software commonly used by human rights
>> defenders.
> Sounds interesting. What software did you have in mind?

Look what an attack tool has been just released:
Patch Binaries via MITM: BackdoorFactory + mitmProxy

Sounds like that all SourceForge downloaded software can be easily
MitMed, along with GPG4Win and a long list.

Now mitm based binary patching to inject trojan it's also easier, we
really need to have someone work on that problem.

Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights - -

More information about the liberationtech mailing list