New ‘Zip Bomb’ Turns 46MB Into 4.5PB

There's no denying that data compression is critical to modern life. It allows us to quickly download large files, keep data in sync across devices, and back up our systems without having to buy a bunch of external storage. But it also has its downsides, as researcher David Fifield proved earlier this month when he disclosed a new "zip bomb" method that can cram 4.5 petabytes (PB) into a 46MB archive.
A zip bomb is a malicious ".zip" file that contains enough data to crash the program--or the entire system--used to open it. This massive amount of data is hidden from the person extracting the archive, of course, because even a novice might question why a seemingly harmless file is so large. (As an entire generation learned by downloading music and movies from services we aren't going to name.)
To put Fifield's discovery in context: IT Pro claimed that the 10 billion photos on Facebook's service take up just 1.5PB. That means Fifield discovered a way to cram the equivalent of 30 billion Facebook photos into an archive the size of a vacation photo album. Calling something that massive a zip bomb feels like an understatement; Fifield essentially found a way to make the ".zip" equivalent of a nuclear warhead.
But there are some caveats. Fifield's new zip bomb relies on the Zip64 extension that removes the zip format's 281TB output limit. Zip64 is popular, but it's not ubiquitous like the base zip format, so this method of attack wouldn't affect some programs. It also doesn't have the greatest uncompressed-to-compressed data ratio; Fifield cited a zip bomb called 42.zip that expands to 4.5PB from just 0.6MB.
The difference is that 42.zip and its counterparts rely on recursive decompression. Instead of simply opening an unfathomable number of files by "unzipping" a single archive, they offer up to six layers of ".zip" files inside of ".zip" files that increase in size with each layer. Fifield's method doesn't rely on such recursion, which could allow it to evade programs that can detect more traditional zip bombs.
Fifield explained in the blog post detailing his discovery: "It works by overlapping files inside the zip container, in order to reference a 'kernel' of highly compressed data in multiple files, without making multiple copies of it. The zip bomb's output size grows quadratically in the input size; i.e., the compression ratio gets better as the bomb gets bigger."
The good news is that Fifield said this method is limited to the zip format and the popular DEFLATE compression algorithm. That's by design--he said one of his goals was to "be compatible" and "avoid taking advantage of tricks that only work with certain parsers." Yet there are "certain ways to increase the efficiency of the zip bomb that come with some loss of compatibility," he said, to nobody's comfort.
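As an added example (not code from Fifield's post or from this article), the following Python inspects an archive's central directory before inflating anything: it totals the declared output size, computes the compression ratio, and flags entries whose byte ranges overlap, which is the structural signature of the overlapping-file construction described above. Both fixture archives are constructed inside the code.

```python
import io
import struct
import zipfile

LOCAL_SIG = b"PK\x03\x04"
LOCAL_FMT = "<4sHHHHHIIIHH"   # 30-byte fixed part of a local file header
EOCD_FMT = "<4sHHHHIIH"       # 22-byte end-of-central-directory record

def entry_spans(data):
    """Byte range [start, end) each central-directory entry claims: local header,
    name, extra field and compressed data. Only headers are parsed, nothing is
    inflated, so a bomb's declared output size is learned without extracting."""
    spans = []
    for info in zipfile.ZipFile(io.BytesIO(data)).infolist():
        start = info.header_offset
        hdr = struct.unpack(LOCAL_FMT, data[start:start + 30])
        if hdr[0] != LOCAL_SIG:
            raise ValueError("bad local header for %r" % info.filename)
        name_len, extra_len = hdr[9], hdr[10]
        end = start + 30 + name_len + extra_len + info.compress_size
        spans.append((start, end, info.filename, info.file_size))
    return sorted(spans)

def inspect_zip(data, max_ratio=100.0):
    """Declared size, compression ratio and any entries sharing bytes."""
    spans = entry_spans(data)
    declared = sum(s[3] for s in spans)
    ratio = declared / len(data)
    overlaps = [(a[2], b[2]) for a, b in zip(spans, spans[1:]) if b[0] < a[1]]
    return {"declared_bytes": declared, "ratio": ratio, "overlaps": overlaps,
            "suspicious": bool(overlaps) or ratio > max_ratio}

def benign_zip():
    """Constructed fixture: an ordinary two-file deflate archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("a.txt", b"A" * 4096)
        zf.writestr("b.txt", b"B" * 4096)
    return buf.getvalue()

def overlapping_zip():
    """Constructed fixture: benign archive whose second central-directory record is
    re-pointed at the first entry's data, i.e. two entries sharing one kernel (toy scale)."""
    data = bytearray(benign_zip())
    eocd = data.rfind(b"PK\x05\x06")
    cd_off = struct.unpack(EOCD_FMT, data[eocd:eocd + 22])[6]
    name_len, extra_len, cmt_len = struct.unpack("<HHH", data[cd_off + 28:cd_off + 34])
    second = cd_off + 46 + name_len + extra_len + cmt_len   # skip first CD record
    struct.pack_into("<I", data, second + 42, 0)             # offset field -> 0
    return bytes(data)
```

The ratio threshold is a policy knob to tune per deployment; the overlap check needs no threshold, since legitimate archivers never emit entries that share bytes. Recent CPython releases apply a similar overlap check of their own when an entry is opened for reading (CVE-2024-0450).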
This is just another reason to avoid downloading and opening suspicious files. We'd hope most people would know that by now, but malicious files continue to affect people, so not everyone's gotten the message. Maybe watching their system freeze up because it's trying to decompress three times as many photos as there are on the world's most popular social network would finally get the point across.


©ictnews.az. All rights reserved.


17 July 2019
