The checksum thing is not a vulnerability. If you can't trust the remote host to... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		hueving on May 8, 2015 \| parent \| context \| favorite \| on: The Discovery of Apache ZooKeeper’s Poison Packet The checksum thing is not a vulnerability. If you can't trust the remote host to put the correct things in a packet, a checksum will not help you.

tmd83 on May 9, 2015 [–]

I was wondering for a moment if any MITM was possible at some steps. But it also happens for encrypted packet right and maybe MITM is not possible in that case. I don't really know the steps involved in creating, encrypting packets to judge the possibility.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact