Code signing in OpenBSD

>
>
> Just need to make sure there're some mountains around for Theo to go
> climb.  If you live on a flatland, then, sorry, you're doomed.
>
>
> On 12/6/07, Douglas A. Tutty <dtutty@...> wrote:
>> On Thu, Dec 06, 2007 at 11:48:55AM +0100, Hannah Schroeter wrote:
>>
>>> One risk would be the plans of "online surveillance" of computers
>>> e.g.
>>> in Germany. One way to install surveillance even on OpenBSD would
>>> be to
>>> actively interfere with the internet connection with the surveilled
>>> person, in the man-in-the-middle sense, and inject trojanned code
>>> ("Bundestrojaner") into the updates of the victim.
>>
>> Using software from any source without interference from an
>> all-pervasive government is a very special, but unfortunatly today, a
>> very real issue for many people around the world.  To be secure, you
>> have to get pieces of the puzzle over multiple paths.  It all can't
>> come
>> via the net since then you're open to man-in-the-middle.
>>
>> Key-revocation announcements could come over the net (via an announce
>> list) but the new key would then have to come over a second channel.
>>
>> One second-channel option is the q6mth CD issue, which could
>> include a
>> new public key and e.g. known-hosts fingerprints.  This is
>> vulnerable to
>> a very determined man-in-the-middle who can replicate and then
>> alter the
>> CD before it arrives to you in the mail.
>>
>> Another option is a trusted courier flying to Alberta and get a CD
>> from
>> the OpenBSD store  (yeah, right).
>>
>> In fact, likely any other technological option (e.g. an answering
>> machine in Alberta that spits out the alphanumerics of the current
>> master public key) is still suceptible.
>>
>> If every piece of information you receive is filter through your
>> government, is there any hand-shaking protocol that can allow you to
>> establish a verified information connection (not necessarily
>> encrypted)?
>> I don't think so.
>>
>> Sure, Debian has signed .debs that use gpg as a back end (the
>> system is
>> called apt-key), it relies on you trusting the fist key that you get
>> from them.  Since Debian doesn't actually mail out its own CDs,
>> everything is off its mirrors.  apt-key only 'protects' you from a
>> later
>> man-in-the-middle.
>>
>> I think that this is the central 'problem' that people are dancing
>> around.
>>
>> Personally, if this thread is to continue, I would like to see it
>> move
>> from a "Why doesn't OpenBSD do things this way?" to a "What are the
>> threat models for OpenBSD identity theft and how can we protect
>> ourselves?".
>>
>> Doug.
>>
>>
>
>
> --
> http://www.glumbert.com/media/shift
> http://www.youtube.com/watch?v=tGvHNNOLnCk
> "This officer's men seem to follow him merely out of idle curiosity."
> -- Sandhurst officer cadet evaluation.
> "Securing an environment of Windows platforms from abuse - external or
> internal - is akin to trying to install sprinklers in a fireworks
> factory where smoking on the job is permitted."  -- Gene Spafford

>
> On 06 Dej 2007, at 5:39 LL, bofh wrote:
>
> > You forgot one option.  Invite Theo to give a talk, and ask him to
> > bring the CDs.  If you can't trust Theo's CDs, all hope is lost.
>
> And how would you know that it is indeed Theo and not someone that
> looks like him? I think that blood samples and DNA tests is the only
> way to go here.
>
>
> >
> >
> > Just need to make sure there're some mountains around for Theo to go
> > climb.  If you live on a flatland, then, sorry, you're doomed.
> >
> >
> > On 12/6/07, Douglas A. Tutty <dtutty@...> wrote:
> >> On Thu, Dec 06, 2007 at 11:48:55AM +0100, Hannah Schroeter wrote:
> >>
> >>> One risk would be the plans of "online surveillance" of computers
> >>> e.g.
> >>> in Germany. One way to install surveillance even on OpenBSD would
> >>> be to
> >>> actively interfere with the internet connection with the surveilled
> >>> person, in the man-in-the-middle sense, and inject trojanned code
> >>> ("Bundestrojaner") into the updates of the victim.
> >>
> >> Using software from any source without interference from an
> >> all-pervasive government is a very special, but unfortunatly today, a
> >> very real issue for many people around the world.  To be secure, you
> >> have to get pieces of the puzzle over multiple paths.  It all can't
> >> come
> >> via the net since then you're open to man-in-the-middle.
> >>
> >> Key-revocation announcements could come over the net (via an announce
> >> list) but the new key would then have to come over a second channel.
> >>
> >> One second-channel option is the q6mth CD issue, which could
> >> include a
> >> new public key and e.g. known-hosts fingerprints.  This is
> >> vulnerable to
> >> a very determined man-in-the-middle who can replicate and then
> >> alter the
> >> CD before it arrives to you in the mail.
> >>
> >> Another option is a trusted courier flying to Alberta and get a CD
> >> from
> >> the OpenBSD store  (yeah, right).
> >>
> >> In fact, likely any other technological option (e.g. an answering
> >> machine in Alberta that spits out the alphanumerics of the current
> >> master public key) is still suceptible.
> >>
> >> If every piece of information you receive is filter through your
> >> government, is there any hand-shaking protocol that can allow you to
> >> establish a verified information connection (not necessarily
> >> encrypted)?
> >> I don't think so.
> >>
> >> Sure, Debian has signed .debs that use gpg as a back end (the
> >> system is
> >> called apt-key), it relies on you trusting the fist key that you get
> >> from them.  Since Debian doesn't actually mail out its own CDs,
> >> everything is off its mirrors.  apt-key only 'protects' you from a
> >> later
> >> man-in-the-middle.
> >>
> >> I think that this is the central 'problem' that people are dancing
> >> around.
> >>
> >> Personally, if this thread is to continue, I would like to see it
> >> move
> >> from a "Why doesn't OpenBSD do things this way?" to a "What are the
> >> threat models for OpenBSD identity theft and how can we protect
> >> ourselves?".
> >>
> >> Doug.
> >>
> >>
> >
> >
> > --
> > http://www.glumbert.com/media/shift
> > http://www.youtube.com/watch?v=tGvHNNOLnCk
> > "This officer's men seem to follow him merely out of idle curiosity."
> > -- Sandhurst officer cadet evaluation.
> > "Securing an environment of Windows platforms from abuse - external or
> > internal - is akin to trying to install sprinklers in a fireworks
> > factory where smoking on the job is permitted."  -- Gene Spafford
> >
>
>

>Hi!
>
>On Thu, Dec 06, 2007 at 11:23:37AM +0000, Stuart Henderson wrote:
>>On 2007/12/06 13:12, Lars Noodin wrote:
>
>>> If the installation process (from the purchased CDs) had a list of the
>>> public keys for the official mirror sites, then that would go a long
>>> way.
>
>>That would make it rather hard to revoke a key if there ever
>>was a problem.
>
>Key revocation lists in some form? If it's gpg/OpenPGP, instruct users
>to update from keyservers, one will notice when there're
>incompatibilities between the key from CD and the one from the
>keyserver, but one will also get the revocation from the keyserver. And
>if one buys every CD, there's the time window of half a year even
>without a key revocation infrastructure.
>
>Kind regards,
>
>Hannah.

> On 12/6/07, Jeff I. Ragland <jeff.i.ragland@...> wrote:
>  
>> On 06 Dej 2007, at 5:39 LL, bofh wrote:
>>
>>    
>>> You forgot one option.  Invite Theo to give a talk, and ask him to
>>> bring the CDs.  If you can't trust Theo's CDs, all hope is lost.
>>>      
>> And how would you know that it is indeed Theo and not someone that
>> looks like him? I think that blood samples and DNA tests is the only
>> way to go here.
>>
>>
>>    
>>> Just need to make sure there're some mountains around for Theo to go
>>> climb.  If you live on a flatland, then, sorry, you're doomed.
>>>
>>>
>>> On 12/6/07, Douglas A. Tutty <dtutty@...> wrote:
>>>      
>>>> On Thu, Dec 06, 2007 at 11:48:55AM +0100, Hannah Schroeter wrote:
>>>>
>>>>        
>>>>> One risk would be the plans of "online surveillance" of computers
>>>>> e.g.
>>>>> in Germany. One way to install surveillance even on OpenBSD would
>>>>> be to
>>>>> actively interfere with the internet connection with the surveilled
>>>>> person, in the man-in-the-middle sense, and inject trojanned code
>>>>> ("Bundestrojaner") into the updates of the victim.
>>>>>          
>>>> Using software from any source without interference from an
>>>> all-pervasive government is a very special, but unfortunatly today, a
>>>> very real issue for many people around the world.  To be secure, you
>>>> have to get pieces of the puzzle over multiple paths.  It all can't
>>>> come
>>>> via the net since then you're open to man-in-the-middle.
>>>>
>>>> Key-revocation announcements could come over the net (via an announce
>>>> list) but the new key would then have to come over a second channel.
>>>>
>>>> One second-channel option is the q6mth CD issue, which could
>>>> include a
>>>> new public key and e.g. known-hosts fingerprints.  This is
>>>> vulnerable to
>>>> a very determined man-in-the-middle who can replicate and then
>>>> alter the
>>>> CD before it arrives to you in the mail.
>>>>
>>>> Another option is a trusted courier flying to Alberta and get a CD
>>>> from
>>>> the OpenBSD store  (yeah, right).
>>>>
>>>> In fact, likely any other technological option (e.g. an answering
>>>> machine in Alberta that spits out the alphanumerics of the current
>>>> master public key) is still suceptible.
>>>>
>>>> If every piece of information you receive is filter through your
>>>> government, is there any hand-shaking protocol that can allow you to
>>>> establish a verified information connection (not necessarily
>>>> encrypted)?
>>>> I don't think so.
>>>>
>>>> Sure, Debian has signed .debs that use gpg as a back end (the
>>>> system is
>>>> called apt-key), it relies on you trusting the fist key that you get
>>>> from them.  Since Debian doesn't actually mail out its own CDs,
>>>> everything is off its mirrors.  apt-key only 'protects' you from a
>>>> later
>>>> man-in-the-middle.
>>>>
>>>> I think that this is the central 'problem' that people are dancing
>>>> around.
>>>>
>>>> Personally, if this thread is to continue, I would like to see it
>>>> move
>>>> from a "Why doesn't OpenBSD do things this way?" to a "What are the
>>>> threat models for OpenBSD identity theft and how can we protect
>>>> ourselves?".
>>>>
>>>> Doug.
>>>>
>>>>
>>>>        
>>> --
>>> http://www.glumbert.com/media/shift
>>> http://www.youtube.com/watch?v=tGvHNNOLnCk
>>> "This officer's men seem to follow him merely out of idle curiosity."
>>> -- Sandhurst officer cadet evaluation.
>>> "Securing an environment of Windows platforms from abuse - external or
>>> internal - is akin to trying to install sprinklers in a fireworks
>>> factory where smoking on the job is permitted."  -- Gene Spafford

>bofh wrote:
>> Code signing by blood.  ISAGN.
>>
>>
>> "Sorry marc - had to do it"
>>
>>  
>
>
>what if theo is a "person of interest", has his endpoint surveilled and
>his key and passphrase are compromised? if somebody stole a pint of
>blood, that could go a long way in your proposed plan...
>
>short of having a web of trust, meeting people in person to sign their
>keys and assuming private keys and passphrases have not been
>compromised, you're pretty much SOL here. best bet is to use anoncvs and
>verify your cvs server's public key in person, but even that is a PITA.
>if massive databases of key fingerprint collisions exist MITM is very
>real even with a key fingerprint, multiple fingerprints make this much
>harder.
>
>if anyone has a non-trivial quantum computer or remote viewing really
>works, the gig is pretty much up anyhow.
>
>< jy-p cinches his tinfoil hat and returns to following the yellow brick
>road... >

>
>
>> On 12/6/07, Jeff I. Ragland <jeff.i.ragland@...> wrote:
>>  
>>> On 06 Dej 2007, at 5:39 LL, bofh wrote:
>>>
>>>    
>>>> You forgot one option.  Invite Theo to give a talk, and ask him to
>>>> bring the CDs.  If you can't trust Theo's CDs, all hope is lost.
>>>>      
>>> And how would you know that it is indeed Theo and not someone that
>>> looks like him? I think that blood samples and DNA tests is the only
>>> way to go here.
>>>
>>>
>>>    
>>>> Just need to make sure there're some mountains around for Theo to go
>>>> climb.  If you live on a flatland, then, sorry, you're doomed.
>>>>
>>>>
>>>> On 12/6/07, Douglas A. Tutty <dtutty@...> wrote:
>>>>      
>>>>> On Thu, Dec 06, 2007 at 11:48:55AM +0100, Hannah Schroeter wrote:
>>>>>
>>>>>        
>>>>>> One risk would be the plans of "online surveillance" of computers
>>>>>> e.g.
>>>>>> in Germany. One way to install surveillance even on OpenBSD would
>>>>>> be to
>>>>>> actively interfere with the internet connection with the surveilled
>>>>>> person, in the man-in-the-middle sense, and inject trojanned code
>>>>>> ("Bundestrojaner") into the updates of the victim.
>>>>>>          
>>>>> Using software from any source without interference from an
>>>>> all-pervasive government is a very special, but unfortunatly today, a
>>>>> very real issue for many people around the world.  To be secure, you
>>>>> have to get pieces of the puzzle over multiple paths.  It all can't
>>>>> come
>>>>> via the net since then you're open to man-in-the-middle.
>>>>>
>>>>> Key-revocation announcements could come over the net (via an announce
>>>>> list) but the new key would then have to come over a second channel.
>>>>>
>>>>> One second-channel option is the q6mth CD issue, which could
>>>>> include a
>>>>> new public key and e.g. known-hosts fingerprints.  This is
>>>>> vulnerable to
>>>>> a very determined man-in-the-middle who can replicate and then
>>>>> alter the
>>>>> CD before it arrives to you in the mail.
>>>>>
>>>>> Another option is a trusted courier flying to Alberta and get a CD
>>>>> from
>>>>> the OpenBSD store  (yeah, right).
>>>>>
>>>>> In fact, likely any other technological option (e.g. an answering
>>>>> machine in Alberta that spits out the alphanumerics of the current
>>>>> master public key) is still suceptible.
>>>>>
>>>>> If every piece of information you receive is filter through your
>>>>> government, is there any hand-shaking protocol that can allow you to
>>>>> establish a verified information connection (not necessarily
>>>>> encrypted)?
>>>>> I don't think so.
>>>>>
>>>>> Sure, Debian has signed .debs that use gpg as a back end (the
>>>>> system is
>>>>> called apt-key), it relies on you trusting the fist key that you get
>>>>> from them.  Since Debian doesn't actually mail out its own CDs,
>>>>> everything is off its mirrors.  apt-key only 'protects' you from a
>>>>> later
>>>>> man-in-the-middle.
>>>>>
>>>>> I think that this is the central 'problem' that people are dancing
>>>>> around.
>>>>>
>>>>> Personally, if this thread is to continue, I would like to see it
>>>>> move
>>>>> from a "Why doesn't OpenBSD do things this way?" to a "What are the
>>>>> threat models for OpenBSD identity theft and how can we protect
>>>>> ourselves?".
>>>>>
>>>>> Doug.
>>>>>
>>>>>
>>>>>        
>>>> --
>>>> http://www.glumbert.com/media/shift
>>>> http://www.youtube.com/watch?v=tGvHNNOLnCk
>>>> "This officer's men seem to follow him merely out of idle curiosity."
>>>> -- Sandhurst officer cadet evaluation.
>>>> "Securing an environment of Windows platforms from abuse - external or
>>>> internal - is akin to trying to install sprinklers in a fireworks
>>>> factory where smoking on the job is permitted."  -- Gene Spafford

> Ted Unangst wrote:
> > give it a rest guys.
>
> Ted says everything is ok.  We can pack up and call it a day, knowing
> that everything's settled once and for all.
>
> Seriously, if the process has been already worked out, then point to
> where it is  written up.  Maybe we're not looking in the right part of
> the FAQ.
>
> -Lars

> HITLER AND MORE HITLER
>
> On Thu, Dec 06, 2007 at 08:28:21PM +0200, Lars Nood??n wrote:
> > Ted Unangst wrote:
> > > give it a rest guys.
> >
> > Ted says everything is ok.  We can pack up and call it a day, knowing
> > that everything's settled once and for all.
> >
> > Seriously, if the process has been already worked out, then point to
> > where it is  written up.  Maybe we're not looking in the right part of
> > the FAQ.
> >
> > -Lars

> Hi!
>
> On Wed, Dec 05, 2007 at 06:46:15PM -0500, STeve Andre' wrote:
> >[...]
> >
> >You know, you're descending into a recursive loop of "if, if, if..." and
> >it never ends.  OF COURSE if someone breaks into the site they could
> >do things--once you've lost control of your site all bets are off.  I dare
> >say that someone breaking into a site might find all the appropriate
> >tools to re-sign things, too, and do the spoof that way.
>
> If I released code with cryptographic signatures, I'd not leave a secret
> key file, nor a passphrase on the servers with the master web/ftp
> site. I'd sign on a box you can't access from the master site (nor
> the mirrors). So, no, the attacker would *not* gain access to signing
> tools (ok, yes, the tools, perhaps, like gpg or openssl, but not the
> key material).
>
> >--STeve Andre'
>
> Kind regards,
>
> Hannah.