File Validation Case Study: Linux Mint

A news story broke this week about a hack against the download site of Linux Mint (the official blog post is available here).  Mint is a very popular, entry-level Linux operating system.  The attacker hacked Mint’s site and redirected the download link to a modified version of the .iso file.  The modified version had/has a backdoor installed via the Tsunami malware suite.  This hack affected Linux Mint version 17.3/Cinnamon, but the backdoored version appears to have only been available for a short time.  This is obviously bad news for anyone who downloaded and installed an affected version of this OS (17.3/Cinnamon), but there are some big-picture takeaways to be gleaned from this story.  This is not just a story about Mint; it is also a story about file validation and the lack thereof.

  1. People don’t verify file integrity.  Just a couple of weeks ago I posted about the importance of verifying file integrity, and I have written about file validation in my books. The attacks that would make one vulnerable to a tainted file may seem far-fetched, but this is a prolific, real-world example. Adding insult to injury, downloaded versions could have been clearly identified using a checksum or PGP signature.  It is doubtful that many downloaders took the time to perform this step.
  2. It is *almost* understandable that they don’t.  High-profile instances of attacks like these are incredibly rare.  It is almost forgivable that people don’t validate file downloads before executing them.  On the other hand the potential consequences of working on a compromised OS are grave.  It is also worth pointing out that we have no idea how prolific NON-publicized instances of attacks like these are.  Targeted, undiscovered, and hence un-publicized attacks of this nature are the ones that keep me up at night.
  3. The Mint team responded.  Kind of.  Sadly, the Linux Mint Blog responded officially to this incident by posting MD5 checksums (shown in the photo below).  I have written about this before and hate to beat a dead horse but MD5 is insecure and should not be trusted for file validation.  I’m glad they did something, but in the wake of an actual attack one would assume they would go to great lengths to verify file integrity in the future.  MD5 is NOT “great lengths”, but rather a mild, half-hearted response.  This is the most disappointing thing about this attack in my opinion.

[Image: LM MD5 Screenshot]

My checksums will be updated this week to include SHA-256 and SHA-512 checksums for the affected version of Linux Mint.

How to Verify File Integrity using Checksums

Verifying file integrity is an important step when downloading and installing applications, especially when these applications are relied upon to perform a security function.  An application that is not downloaded completely or correctly may be weakened and fail to provide the necessary security.  Worse, users may be the victims of a watering hole attack where the download site is infected with malware, or some targeted individuals are redirected to look-alike sites.  In this instance the software in question would be modified to suit the attacker’s aims and its security could be bypassed entirely.  The easiest way to have some assurance that your downloaded applications are intact and legitimate is to verify their integrity using checksums and a checksum calculator.

There are also some other reasons that a checksum calculator may be handy.  For example, if you wish to transmit an attachment to another person through email, a cloud storage account, or other digital medium, a checksum could be used to verify the file had not been tampered with in transit.  Checksums can also be used to ensure that two files are identical.  For example, if you back up a large folder to a USB flash drive you can compare the checksums of the two folders to ensure they are the same.

I constantly push this technique in my live classes and never cease to be amazed at the minuscule number of participants who ever take any steps at all to verify the integrity of applications before executing them.  It appears to me that this skill is applied only by the smallest handful of users. The other major problem I run into when teaching this (and when downloading software myself) is the lack of a single, independent checksum repository from which to pull known-good checksums for comparative purposes.  This is perhaps at least part of the problem inherent in verifying file integrity.

As a result I have slowed down on the blog in the past couple of weeks to expand and update the checksums page. Though many do not, some security applications post checksums on their download pages.  Even so I still believe it is important to verify checksums from an alternate source; if you are redirected to a forged download page and download a corrupted file, it would be a simple matter for the forger to post his or her own checksum.  If you acquired both a corrupt file and its corresponding checksum from a forged site, the result would be worse than not verifying the file at all: you would receive a false positive, causing you to misplace trust in the application.

This is the primary motivating factor in my recent expansion of my checksums page.  There seems to be no comprehensive, third-party repository of checksums for security software.  The checksums posted there are SHA-256 and SHA-512. MD5 is insecure and there are credible reports of vulnerabilities in SHA-1 dating back several years.

Methodology: Before calculating checksums I download the application in question.  If a GPG signature is available I will use the signature to verify the integrity of the application, and then use a checksum utility to calculate a hash.  If a signature file is not available for a given application, I will compare it against a checksum found on a third-party site.

Windows:  The CHK Checksum Utility is the simplest and most user-friendly checksum calculator I have found for Windows operating systems.  CHK runs in portable mode so there is no need to install it.  Simply download and open the executable.  Drag the file or files to be verified into the interface.  The checksums will automatically be calculated in SHA-1; to change this, open the Options menu and select the desired algorithm.


Next, right-click on the file to be verified and select Verify…

In the pop-up that appears, paste a known-good checksum and click Verify.


A green checkmark will appear next to the application if the checksums match; if not a red “X” will appear beside the application name.

Checksums for the CHK Checksum Utility itself are available on my checksums page.

OS X:  Mac users have checksum verifying ability built into their operating systems, though it requires a trip to the Terminal.  Open Launchpad and select Terminal.  Enter the command “shasum” into the terminal.  Next, drag the file itself into the terminal window and press Enter; by default this will calculate SHA-1 hashes.  If you wish to verify the file using a SHA-256 or SHA-512 checksum use one of the following commands (disregarding the file path which is represented in italics):

  • SHA-1:         shasum /user/macbook/desktop/filename.dmg
  • SHA-256:    shasum -a 256 /user/macbook/desktop/filename.dmg
  • SHA-512:    shasum -a 512 /user/macbook/desktop/filename.dmg

This method merely displays the calculated hash for the selected file.  To verify its authenticity requires a visual check.  This is tedious and can be mistake-prone but is not impossible.  I recommend copying both versions of the checksum (the output of the terminal calculation and the checksum collected from the internet) and pasting them into a word processing document, one on top of the other, in the same pitch and font.  This makes differences much more easily identified visually.


There are also several GUI-driven checksum calculators available for OS X but I confess I have not yet tried one.  There are very few that have been either recommended by a reputable source or well-reviewed.

Linux:  Given Linux’s proclivity for eschewing graphical user interfaces (GUIs) in favor of the terminal it is somewhat surprising that an excellent GUI-driven checksum calculator exists for Linux.  It is called GtkHash, and will not be covered here.