Re: Code signing in OpenBSD

[Jeff I. Ragland]

On 06 NN5N: 2007, at 5:39 NN, bofh wrote:

You forgot one option.  Invite Theo to give a talk, and ask him to
bring the CDs.  If you can't trust Theo's CDs, all hope is lost.

And how would you know that it is indeed Theo and not someone that
looks like him? I think that blood samples and DNA tests is the only
way to go here.

Just need to make sure there're some mountains around for Theo to go
climb.  If you live on a flatland, then, sorry, you're doomed.


On 12/6/07, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:

On Thu, Dec 06, 2007 at 11:48:55AM +0100, Hannah Schroeter wrote:

One risk would be the plans of "online surveillance" of computers
e.g.
in Germany. One way to install surveillance even on OpenBSD would
be to
actively interfere with the internet connection with the surveilled
person, in the man-in-the-middle sense, and inject trojanned code
("Bundestrojaner") into the updates of the victim.

Using software from any source without interference from an
all-pervasive government is a very special, but unfortunatly today, a
very real issue for many people around the world.  To be secure, you
have to get pieces of the puzzle over multiple paths.  It all can't
come
via the net since then you're open to man-in-the-middle.

Key-revocation announcements could come over the net (via an announce
list) but the new key would then have to come over a second channel.

One second-channel option is the q6mth CD issue, which could
include a
new public key and e.g. known-hosts fingerprints.  This is
vulnerable to
a very determined man-in-the-middle who can replicate and then
alter the
CD before it arrives to you in the mail.

Another option is a trusted courier flying to Alberta and get a CD
from
the OpenBSD store  (yeah, right).

In fact, likely any other technological option (e.g. an answering
machine in Alberta that spits out the alphanumerics of the current
master public key) is still suceptible.

If every piece of information you receive is filter through your
government, is there any hand-shaking protocol that can allow you to
establish a verified information connection (not necessarily
encrypted)?
I don't think so.

Sure, Debian has signed .debs that use gpg as a back end (the
system is
called apt-key), it relies on you trusting the fist key that you get
from them.  Since Debian doesn't actually mail out its own CDs,
everything is off its mirrors.  apt-key only 'protects' you from a
later
man-in-the-middle.

I think that this is the central 'problem' that people are dancing
around.

Personally, if this thread is to continue, I would like to see it
move
from a "Why doesn't OpenBSD do things this way?" to a "What are the
threat models for OpenBSD identity theft and how can we protect
ourselves?".

Doug.

--
http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
"This officer's men seem to follow him merely out of idle curiosity."
-- Sandhurst officer cadet evaluation.
"Securing an environment of Windows platforms from abuse - external or
internal - is akin to trying to install sprinklers in a fireworks
factory where smoking on the job is permitted."  -- Gene Spafford