[liberationtech] Satori - distributed tamper-resistant circumvention tools
Griffin Boyce
griffin at cryptolab.net
Sun May 4 00:04:34 PDT 2014
Nathan Freitas wrote:
> Automated distributed deterministic build comparisons FTW!
>
> Seriously, it seems like we are pretty close with such a thing for
> Android APKs, so perhaps Chrome extension bundles could be added to
> the list, as well.
That sounds pretty awesome :D Apps and extensions are .crx files,
which are just zip files basically. Change extension, unzip, and all
files should match /chrome. (With the possible exception of
manifest.json).
So something like this might work (except wget-ing the crx seems to
hang indefinitely for some reason). Basically fetch, extract, delete
extra github files, compare everything except the manifests:
#!/bin/bash
# -*- Mode: sh; coding: utf-8; indent-tabs-mode: nil; tab-width: 4 -*-
clear
sleep 1
#----- FUNCTIONS -----#
#run initial function
# CLEAN ENVIRONMENT FIRST
function grabem {
# Empty various cache files
echo 'Grabbing files...'
wget --user-agent=Chrome -O webstore.zip
https://clients2.google.com/service/update2/crx?response=redirect&x=id%3Doncomejlklhkbffpdhpmhldlfambmjlf%26uc%26lang%3Den-US&prod=chrome
wget -O github.zip
https://github.com/glamrock/Satori/archive/master.zip
echo 'Extracting folders'
unzip github.zip -d github2
unzip webstore.zip -d chrome
mv github2/Satori-master/chrome ../../github
rm -rf github2
sleep 1
compare
}
#----- RUN UPDATES -----#
function compare {
echo 'Comparing files...'
diff -rq github/ chrome/ -x "chrome/manifest.json" -x
"github/manifest.json"
exit
}
grabem
####END OF TRANSMISSION####
More information about the liberationtech
mailing list