Re: debcheckroot v2.0 released
On Mon, Mar 23, 2020 at 4:00 PM Elmar Stellnberger wrote: > The only site which is still making problems is cdimage.debian.org. > Could any good Christ from the Debian community have a look at this > issue. The server maintainers would need to complain about the rogue cert! I've forwarded this to the Debian sysadmins IRC channel. I think it is related to the fact that the cdimage.d.o server is not managed by the Debian sysadmins, so the UMU ACC admins probably used Lets Encrypt to get certs, and then of course the TLSA records got outdated after the renewal. For other debian.org domains that are not managed by the Debian sysadmins, we centrally create the certs and propagate them to external services (like the CDNs for deb.d.o). The cdimage.d.o server isn't a CDN and probably doesn't have cert APIs but we can probably use the same approach to fix this. -- bye, pabs https://wiki.debian.org/PaulWise
Re: debcheckroot v2.0 released
I have just released a̅tea v0.6: https://www.elstel.org/atea/ . It now implements SNI (Server Name Indication) and can thus also be successfully used to download files like my public gpg key from elstel.org. atea tii-cert -rv https://cdimage.debian.org TLSA record (first three bytes are for TLSA-mode): 03:01:01:0c:8e:2d:2b:49:50:6b:cc:77:f7:70:5d:ee:69:fe:a2:30:93:55:5e:88:a2:68:4c:79:8b:8c:e1:84:2b:32:6f hash of the server certificate: 7d:86:1f:c8:c6:d0:54:ec:74:81:3e:c4:0d:7e:14:45:50:1f:0d:0a:50:11:f1:44:bf:85:cc:6e:2f:8f:cd:ee certificate signature in TLSA record did not match (https://cdimage.debian.org) server cert written to 'cdimage.debian.org-rogue.pem'. The only site which is still making problems is cdimage.debian.org. Could any good Christ from the Debian community have a look at this issue. The server maintainers would need to complain about the rogue cert! Am 04.03.20 um 20:57 schrieb Elmar Stellnberger: If anyone wants to play with atea use it under GPLv3. I forgot to add the license header in the file but this email should entitle you to use the program under GPLv3. Elmar Am 04.03.20 um 20:51 schrieb Elmar Stellnberger: Hint: You can use -v to get a more verbose output if atea fails which includes the sha256 hash of the certificate (-vv would also be possible). From version 0.5 on atea should also do it without the --sys-keyfile option. For me atea succeeds with domains like mail.dotplex.com, secure.dotplex.de or web4.dotplex.com. Pages like ssl-tools.net do already cause problems and my own domain www.elstel.org could sometimes be reached em ordem and sometimes not (see the two certificates in the https://www.elstel.org/DANE/ tar file which have the same start and ending date, one of them is a rogue certificate). The only domain where I have never succeeded is cdimage.debian.org. Is it permanently spoofed or did the Debian maintainers just enter a wrong hash in the TLSA record? Am 04.03.20 um 20:41 schrieb Elmar Stellnberger: It would be a question if anyone has tried to download a SHA512SUMS file from cdimage.debian.org with atea? As it turned out downloading this file with tails/tor is NOT sufficient. I have verified a Debian Live 10.1.0 DVD image against the Debian 10.1.0 Install BD-DL I have. Debcheckroot reported several infected packages like mkinitramfs, ispell and several pam-modules though mounting the squashfs may already have triggered some malware. Yours Sincerely Elmar Stellnberger Am 04.03.20 um 20:04 schrieb Elmar Stellnberger: Hi folks You can now download the indicated program at https://www.elstel.org/atea/ and read some documentation at https://www.elstel.org/DANE/. Kind Regards, Elmar Am 17.01.20 um 16:52 schrieb Elmar Stellnberger: Hi Cindy Sue! Hi folks! I must confess there is little you can do about missing emails with debcheckroot. You can spot rootkits with hindsight but intelligence can also break in and go without leaving any trace. What would to my mind be necessary for a more secure email communication is a better penetration of DANE. Many CAs are known to issue rogue certificates to secret services so the public key is the only thing that may be trustworthy of a certificate. If that public key is signed and bound to a domain with DNSSEC (this is then called DANE) it shall be safe. I would guess that email dispatching was If safe if encrypted and saved by DANE all the way to its target. F.i. it seems likely that intelligence just tries to halt email delivery if some suspicious email is in the queue until they have assessed what they wanna do about it. And it is questionable how those emails which seem to be sent successfully but which do not reach their target get lost. Something I as an end user can do about the emailing problem is to write and send my emails on a secure machine. If I am using webmail or an emailing program this requires to preconfigure certificates known to be safe and to only allow these. All CAs need to be disabled since the average user will never know which CAs issue rogue certificates. According to my knowledge any simple web page invocation immediately results in a cracked system if it is using a spoofed certificate which can not be excluded for any simple web search. Luckily my hoster provides DANE for the machines used for email delivery, webmailing and my website configuration panel. And I am still using a Debian 8 read only stick to boot such a secure system. Why the hell Debian 8? Isn`t that insecure? I believe it isn`t as long as I only visit these two web pages of my hoster. Unfortunately newer versions of Firefox have a special implementation for so called HSTS (http strict transport security) certificates. You can not add a security exception for such a certificate but you need to configure all dependent certification authorities for such a certificate. However with the first CA you acknowledge you compromise your system`s sec