Differences between revisions 34 and 36 (spanning 2 versions)
Revision 34 as of 2016-07-12 10:06:53
Size: 3583
Editor: PaulWise
Comment: a bit of a ranty mail but some useful hints
Revision 36 as of 2017-03-07 02:18:56
Size: 3765
Editor: PaulWise
Comment: BitErrant
Line 33: Line 33:
 * [[https://biterrant.io/|BitErrant]] attacks on BitTorrent via SHA-1 collisions
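Review bot: the new BitErrant bullet goes into the Issues list straight after "Torrent files for the ISO images are not able to be verified" but is not tied to the existing "SHA-1 is used in various places in Debian and by tools we use" bullet further down, although BitTorrent piece hashes are exactly one of those SHA-1 uses and BitErrant is the demonstration of why that matters; suggest either moving it next to the SHA-1 bullet or adding "(see the SHA-1 item below)" so the two are read together.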
Line 44: Line 45:
 * [[http://worldwidemann.com/the-sad-state-of-linux-download-security/|User-oriented checklist]]
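Review bot: the added "User-oriented checklist" link is filed under Issues but the bullet text does not state what the issue is, so it reads as a bare link; suggest wording it as the missing item it describes, e.g. "No user-oriented checklist for verifying downloads (see [[http://worldwidemann.com/the-sad-state-of-linux-download-security/|the sad state of Linux download security]])".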

Solved

  • Debian websites use SSL certs verifiable by most existing OSes
  • Some mirrors have https enabled and use SSL certs verifiable by most existing OSes
  • Most suites have Valid-Until, preventing indefinite downgrade attacks
  • SSL CA and DNSSEC/TLSA/DANE trust paths to Debian SSL certs
  • The Debian DNSSEC keys are published over an SSL connection

  • Official mirror run by DSA (Debian System Administration) as a Tor onion service (see the announcement and the followup), plus unofficial ones run by Debian members

  • netboot.tar.gz images are verifiable because their hashes are covered by the OpenPGP-signed Release files
  • win32-loader is verifiable via the OpenPGP-signed hash lists called extrafiles
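What the "Solved" items above actually give a client is a chain: an OpenPGP signature over the Release file, a Valid-Until field that stops a mirror or an on-path attacker from replaying an old but validly signed Release forever, and hashes in Release that cover the Packages index, which in turn carries the hash of every .deb (netboot.tar.gz and the installer images hang off the same Release file). The following is an added example written for this page, not code from the wiki page or from apt; it assumes the OpenPGP signature over Release has already been checked (apt does that with gpgv) and shows only the two steps that follow. The Release text, Packages stanza and .deb bytes are constructed for the example and are not real Debian data; the `check_valid_until` switch mirrors apt's `Acquire::Check-Valid-Until` option.

```python
"""Freshness (Valid-Until) and hash-chain checks behind a signed apt Release.

Added example, not code from the Debian wiki page or from apt.  Assumes the
OpenPGP signature over Release (InRelease / Release.gpg) was already verified.
All sample data below is constructed for the example.
"""
import hashlib
import hmac
from datetime import datetime, timezone

# Constructed stand-in for a downloaded .deb (not a real archive).
SAMPLE_DEB = b"!<arch>\nconstructed .deb payload for the example\n"

# Constructed Packages index with one stanza describing SAMPLE_DEB.
SAMPLE_PACKAGES = (
    "Package: example\n"
    "Version: 1.0-1\n"
    "Filename: pool/main/e/example/example_1.0-1_amd64.deb\n"
    f"Size: {len(SAMPLE_DEB)}\n"
    f"SHA256: {hashlib.sha256(SAMPLE_DEB).hexdigest()}\n"
).encode()

# Constructed Release file: the part the OpenPGP signature would cover.
SAMPLE_RELEASE = (
    "Origin: Debian\n"
    "Suite: stable\n"
    "Date: Sat, 01 Jul 2017 00:00:00 UTC\n"
    "Valid-Until: Sat, 08 Jul 2017 00:00:00 UTC\n"
    "SHA256:\n"
    f" {hashlib.sha256(SAMPLE_PACKAGES).hexdigest()} {len(SAMPLE_PACKAGES)} "
    "main/binary-amd64/Packages\n"
)

DATE_FMT = "%a, %d %b %Y %H:%M:%S UTC"  # the date format Release files use


def utc(year, month, day):
    """Helper for building an aware 'now' value."""
    return datetime(year, month, day, tzinfo=timezone.utc)


def parse_release(text):
    """Return (fields, sha256) where sha256 maps path -> (digest, size)."""
    fields, sha256, section = {}, {}, None
    for line in text.splitlines():
        if line.startswith(" "):
            if section == "SHA256":            # indented hash lines
                digest, size, path = line.split()
                sha256[path] = (digest, int(size))
        elif ":" in line:
            key, _, value = line.partition(":")
            fields[key] = value.strip()
            section = key
    return fields, sha256


def parse_stanza(data):
    """Parse a single-stanza Packages index into a dict of fields."""
    fields = {}
    for line in data.decode().splitlines():
        if ":" in line:
            key, _, value = line.partition(":")
            fields[key] = value.strip()
    return fields


def digest_matches(data, expected_hex, expected_size):
    """Size and SHA256 must both match what the signed parent listed."""
    got = hashlib.sha256(data).hexdigest()
    return len(data) == expected_size and hmac.compare_digest(got, expected_hex)


def verify_chain(release_text, packages, deb, now, check_valid_until=True):
    """Return (ok, reason).  check_valid_until=False is the equivalent of apt's
    Acquire::Check-Valid-Until=false: it re-opens the indefinite-downgrade
    hole, since any old signed Release is then accepted as current."""
    fields, sha256 = parse_release(release_text)
    if check_valid_until and "Valid-Until" in fields:
        valid_until = datetime.strptime(fields["Valid-Until"], DATE_FMT)
        if now > valid_until.replace(tzinfo=timezone.utc):
            return False, "Release expired at " + fields["Valid-Until"]
    index_path = "main/binary-amd64/Packages"
    if index_path not in sha256:
        return False, "Release does not list " + index_path
    if not digest_matches(packages, *sha256[index_path]):
        return False, "Packages index does not match Release"
    stanza = parse_stanza(packages)
    if not digest_matches(deb, stanza["SHA256"], int(stanza["Size"])):
        return False, stanza["Filename"] + " does not match Packages"
    return True, "ok"


if __name__ == "__main__":
    args = (SAMPLE_RELEASE, SAMPLE_PACKAGES, SAMPLE_DEB)
    print(verify_chain(*args, utc(2017, 7, 3)))                            # fresh
    print(verify_chain(*args, utc(2017, 8, 1)))                            # expired
    print(verify_chain(*args, utc(2017, 8, 1), check_valid_until=False))   # snapshot mode
    print(verify_chain(SAMPLE_RELEASE, SAMPLE_PACKAGES, SAMPLE_DEB + b"x", utc(2017, 7, 3)))
```

The third call is the snapshot.debian.org situation: every snapshot's Valid-Until has long passed, so the only way to use one is to switch the freshness check off and accept that a replayed Release would then pass too.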

Issues

  • No OpenPGP trust paths (i.e. via Monkeysphere) to Debian or mirror SSL certs
  • No OpenPGP trust paths to Debian DNSSEC keys
  • Debian certificates are not pinned in browsers via certificate pinning (HPKP)
  • Mirror updates are not authenticated in any way
  • Most clients contacting mirrors reveal package names and version numbers
  • Most mirrors probably have default apache2 logging (recording packages, versions, IPs etc)
  • Mirrors list does not contain any info about https support
  • httpredir.debian.org does not currently support https but can easily be made to
  • Security update notices are via email
  • No suggestions or documentation about how to verify signatures
  • No downloads use the Subresource Integrity (SRI) for downloads standard

  • No magnet: links for bittorrent downloads on SSL
  • No magnet: links for bittorrent downloads on OpenPGP-signed email
  • No publishing of hashes of various things in Bitcoin/etc blockchains
  • win32-loader is not Windows-code-signed
  • ISO images server and mirrors have the same issues as repository mirrors
  • Front page of Debian website links to an ISO image but no signature
  • Verifying the ISO images is a convoluted process
  • Torrent files for the ISO images cannot be verified
  • BitErrant attacks on BitTorrent via SHA-1 collisions

  • No ISO hashes available over HTTPS
  • OpenPGP fingerprints of the ISO signing keys are not prominent enough
  • Preinstalled systems cannot be verified
  • No image downloader/writer programs that verify signatures and hashes
  • di-netboot-assistant does not verify anything it downloads (Debian bug #775904)

  • Validating against snapshot.debian.org requires turning off the Valid-Until check and accepting expired signatures and old keys; an idea for a fix is in Debian bug #763419

  • Possible apt sources.list improvements

  • All .deb packages are ultimately trusted by the system

  • SHA-1 is used in various places in Debian and by tools we use

  • Not all Debian services are on Tor onion services

  • Debian doesn't yet support binary transparency services (like Cothority)

  • No user-oriented checklist for verifying downloads (see http://worldwidemann.com/the-sad-state-of-linux-download-security/)

  • More
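Several of the ISO items above ("verifying the ISO images is a convoluted process", "no ISO hashes available over HTTPS", the signing-key fingerprints not being prominent) come down to the same procedure: check the OpenPGP signature on SHA256SUMS, check that the key that made it is really the Debian CD signing key by its fingerprint (not by its user ID, which anyone can put on a key of their own), then check the image against SHA256SUMS. The following is an added example written for this page, not code from the wiki page or from the Debian CD team. It assumes gpg is installed with the signing key already in the keyring, that SHA256SUMS, SHA256SUMS.sign and the image sit in one directory, and that `EXPECTED_FPR` is replaced with the fingerprint Debian publishes; the fingerprint in the code and the two gpg status transcripts are constructed placeholders, not real values.

```python
"""ISO verification: signature on SHA256SUMS, pinned key fingerprint, image hash.

Added example, not code from the Debian wiki page or from the Debian CD team.
EXPECTED_FPR and the sample status lines are constructed placeholders.
"""
import hashlib
import hmac
import os
import subprocess

# Constructed placeholder: replace with the fingerprint Debian publishes.
EXPECTED_FPR = "ABCDEF0123456789ABCDEF0123456789ABCDEF01"

# Constructed gpg --status-fd transcripts (format as documented in DETAILS).
SAMPLE_STATUS_OK = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG ABCDEF0123456789 Debian CD signing key <debian-cd@lists.debian.org>\n"
    f"[GNUPG:] VALIDSIG {EXPECTED_FPR} 2017-06-17 1497731107 0 4 0 1 10 00 {EXPECTED_FPR}\n"
)
# Same user ID on a different key: GOODSIG looks identical, VALIDSIG does not.
SAMPLE_STATUS_IMPOSTOR = SAMPLE_STATUS_OK.replace(EXPECTED_FPR, "1" * 40)

# Constructed stand-in for an image plus the SHA256SUMS file covering it.
SAMPLE_ISO = b"constructed stand-in for an ISO image\n"
SAMPLE_SUMS = (
    f"{hashlib.sha256(SAMPLE_ISO).hexdigest()}  debian-example-amd64-netinst.iso\n"
    f"{hashlib.sha256(b'other').hexdigest()} *debian-example-amd64-DVD-1.iso\n"
)


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def file_sha256(path, chunk=1 << 20):
    """Stream a (possibly multi-GB) image through SHA256."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def parse_sha256sums(text):
    """Map file name -> digest from sha256sum output ('hash  name' / 'hash *name')."""
    sums = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            digest, _, name = line.partition(" ")
            sums[name.lstrip(" *")] = digest.lower()
    return sums


def parse_validsig(status):
    """Return (signing fingerprint, primary fingerprint) from a VALIDSIG line,
    or None.  VALIDSIG is the only line carrying full fingerprints."""
    for line in status.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[:2] == ["[GNUPG:]", "VALIDSIG"]:
            signing = parts[2]
            primary = parts[11] if len(parts) > 11 else signing
            return signing, primary
    return None


def fingerprint_pinned(status, expected=EXPECTED_FPR):
    """True only if the signature verified AND came from the pinned key."""
    found = parse_validsig(status)
    if found is None:
        return False
    return any(hmac.compare_digest(fpr.upper(), expected.upper()) for fpr in found)


def gpg_status(sums_path, sig_path):
    """Run gpg and return its machine-readable status output.  An unknown key
    yields no VALIDSIG line at all, so it fails closed in fingerprint_pinned."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, sums_path],
        stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, text=True)
    return proc.stdout


def digest_listed(sums, name, digest_hex):
    return name in sums and hmac.compare_digest(digest_hex, sums[name])


def verify_iso(directory, iso_name, expected=EXPECTED_FPR):
    """Return (ok, reason) for an image downloaded next to SHA256SUMS(.sign)."""
    sums_path = os.path.join(directory, "SHA256SUMS")
    if not fingerprint_pinned(gpg_status(sums_path, sums_path + ".sign"), expected):
        return False, "SHA256SUMS is not signed by the pinned Debian CD key"
    with open(sums_path) as f:
        sums = parse_sha256sums(f.read())
    if not digest_listed(sums, iso_name, file_sha256(os.path.join(directory, iso_name))):
        return False, iso_name + " does not match the signed SHA256SUMS"
    return True, "ok"


if __name__ == "__main__":
    print(fingerprint_pinned(SAMPLE_STATUS_OK), fingerprint_pinned(SAMPLE_STATUS_IMPOSTOR))
    print(digest_listed(parse_sha256sums(SAMPLE_SUMS),
                        "debian-example-amd64-netinst.iso", sha256_hex(SAMPLE_ISO)))
```

Calling `verify_iso("/path/to/downloads", "debian-9.0.0-amd64-netinst.iso")` performs the real check; the impostor transcript shows why matching on the key's user ID (what `GOODSIG` prints) is not enough and the fingerprint has to be pinned.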

See also