Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Mon, Jan 3, 2011 at 7:06 PM, Naja Melan najame...@gmail.com wrote:
> I totally agree, but from my position as an end user I can only start by raising the issues I can observe because I am confronted with them. I don't know the security policies for debian/fedora developers if those even exist or whether they are being executed properly. I can only raise a point and draw my conclusions from how serious it is being taken to assess the general trust I decide to put in a certain product.

I should note that I am little more than an interested Debian user. I can't speak for the Debian project. Though I do find the subject interesting enough to pursue discussion.

> I suppose they just choose https, as the basis of their security, which obviously only protects the transporting. The key is signed by two other keys though but verification suffers from the same limitation as with debian of course.

I believe the underlying issue is assuring the integrity of the software being downloaded from whatever source (keeping in mind how Debian, as well as many other distros, uses mirrors). I can see how HTTPS can be beneficial. But ultimately, I think too much emphasis / trust is being put on HTTPS in this conversation. If you can solve the issue of trusting a signing key, then you are a lot further along with the issue of integrity since it can be applied to more than just MITM attacks. And again - I think MITM is the lesser risk here.

The web of trust issue is core to a decentralized system like PGP. The issue, as I see it, is understanding how PGP works and how to make reasonable judgments on when one trusts a key. Having to do this has always been both an advantage and a disadvantage of PGP. It takes some effort. But then, there are times when you can't reasonably get around that. Documentation (and good end user judgment) is probably the way to tackle this.

> That is true and good, but these instructions only speak about md5, which means that the other hashes are probably only used by people who know why not use md5.

That would probably be the easiest thing to address - update documentation to no longer use MD5, even if it is still made available to those who insist on using it.

-- 
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/aanlkti=+dwd_m2u6s7jobj1mf_p2dbfpqbijidcse...@mail.gmail.com
Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Seg, 03 Jan 2011, Naja Melan wrote:
> Currently I'm installing fedora, because it seems that that is as good as it gets with https. Their site is very neat and informative in verifying their downloads, it all comes over certified https even extra tools like the liveusb-creator. This gives me at least a higher sense of trust than the current debian situation.

How much do you trust your USB drive? It could have a malicious controller that detects when the correct Fedora files are written to it, and replaces them with hacked copies. And when you try to verify the copy, it detects this and returns the SHA1 (or any other checksum) of the original files.

-- 
The world is not octal despite DEC.

Eduardo M KALINOWSKI
edua...@kalinowski.com.br
Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Dom, 02 Jan 2011, Naja Melan wrote:
> 1. Probably the safest thing to do is buy a mac or windows cd in the shop, although there is (for me) no way of knowing how safe that really is.

Do you trust the store? How do you know the store installed the pristine copy of Windows or Mac OS, and not a modified version?

> 2. Some linux distros I see now do have certified https, like fedora which puts gpg fingerprints (SHA1) of their public keys on their certified website.
> 3. Other distros have md5 hashes over certified https, like ubuntu. (virtually a shared fourth place with debian)

Do you trust Verisign or the issuer of the http certificate?

> 4. debian, which for a general user which has not been able to in a safe way obtain a chain of trust to the Debian CD signing key (read: next to everyone), it boils down to, well, plain http!
>
> Whenever I need to install a secure system, or advise someone on how to do that, I will have to pick something from that list or avoid using a computer altogether. MD5 is truly ridiculous, so I won't go into it (google search will).

It's fine for detecting random transmission errors or errors in burning to CD/DVD media. For security purposes, yes, it can be hacked.

> Https has like I said serious drawbacks that are unfortunately not known by the people using it, and unfortunately are not turned up easily by a web search. I would avoid having to go into details about it unless there is a true genuine need for a security review of https (amongst other reasons because I don't consider myself an expert).

In previous paragraphs you seemed to imply that it is good enough, when you mentioned other distros that use https.

-- 
There's a fine line between courage and foolishness. Too bad it's not a fence.

Eduardo M KALINOWSKI
edua...@kalinowski.com.br
Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Seg, 03 Jan 2011, Eduardo M KALINOWSKI wrote:
>> 2. Some linux distros I see now do have certified https, like fedora which puts gpg fingerprints (SHA1) of their public keys on their certified website.
>> 3. Other distros have md5 hashes over certified https, like ubuntu. (virtually a shared fourth place with debian)
>
> Do you trust Verisign or the issuer of the http certificate?

And also: if you trust them, are you sure the certificate you have in your machine for verification is the actual certificate? You could go to the issuer's site and look for the fingerprint for verification. But how can you be sure that the fingerprint is legitimate? SSL can't help you here because of the chicken and egg problem.

-- 
All rights reserved.

Eduardo M KALINOWSKI
edua...@kalinowski.com.br
Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Mon, Jan 03, 2011 at 03:42:42AM +0100, Naja Melan wrote:
>> You've downloaded a bunch of certificates that came with your web browser. Why do you trust them?
>
> As I pointed out above there are many problems associated with https. Trusting the root certificates is one of those. Still the level of trust I have in them comes from:
> a) getting them shipped to me in a secure or at least somewhat secure way (which is the whole point of this thread, remember)

Is that because you can buy the OS in a store? Was it pre-installed? If it's a microsoft product, did you check this nice hologram on the DVD? Or maybe microsoft has a hash of their DVDs on its website? (For msdn subscribers you now can't even get the DVDs anymore and need to download things as far as I know.)

> b) some trust in the certification authorities and everyone that is supposed to check them, like auditors and browser/OS developers

I have very limited trust in the CAs.

> c) some trust in developers that store and distribute them, like browser/OS developers to do that in a safe way

[...]

> Currently I'm installing fedora, because it seems that that is as good as it gets with https. Their site is very neat and informative in verifying their downloads, it all comes over certified https even extra tools like the liveusb-creator. This gives me at least a higher sense of trust than the current debian situation.

Personally I have a higher trust in what Debian is shipping because I know how things work in Debian and I've met all the people involved and probably signed their keys myself.

So I think your problems are:
- The main website doesn't have https (because it's mirrored)
- You don't trust our CA because your browser/OS doesn't have it.
- The instructions to verify things might need to be updated.

Kurt
Re: Fwd: Fwd: question regarding verification of a debian installation iso
Eduardo M KALINOWSKI edua...@kalinowski.com.br writes:
> How much do you trust your USB drive? It could have a malicious controller that detects when the correct Fedora files are written to it, and replaces them with hacked copies. And when you try to verify the copy, it detects this and returns the SHA1 (or any other checksum) of the original files.

How would the USB drive tell whether you were reading the file to verify its checksum or to use its contents?

-- 
Ben Pfaff
http://benpfaff.org
Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Mon, 2011-01-03 at 08:19 -0800, Ben Pfaff wrote:
> Eduardo M KALINOWSKI edua...@kalinowski.com.br writes:
>> How much do you trust your USB drive? It could have a malicious controller that detects when the correct Fedora files are written to it, and replaces them with hacked copies. And when you try to verify the copy, it detects this and returns the SHA1 (or any other checksum) of the original files.
>
> How would the USB drive tell whether you were reading the file to verify its checksum or to use its contents?

Because you forgot to make sure that the tin foil fit tightly. ;)
Re: Fwd: Fwd: question regarding verification of a debian installation iso
> I have very limited trust in the CAs.

So do I. It is actually not the point. Either we consider them useless, in which case we should refuse to use them and oppose them because they provide a false sense of security. We should then think of alternatives. If we consider them still a bit more secure than plain http, we should use them, without getting naive and thinking that they do wonders and without stopping to still think of alternatives. The actual exact level of trust we have in them is quite irrelevant in that sense.

To just elaborate briefly on it: If I use *http*, anyone, anywhere even on my LAN, going upwards all the way through the internet all the way to the download site, could mess with my downloads. Anyone, without special clearances, court orders, connections etc. All they need is access to a router, server, wifi network or LAN or actually just a cable that I am communicating through. They don't even need to be very skilled, because there is plenty of software out there to do MITM attacks ready-made. They don't even need to mount a collision attack on md5, because they could just change the checksums file to send me another hash. It couldn't be simpler actually.

If I use *https*, like when I downloaded fedora yesterday, then the weakest link was fedora's https. So anyone managing to crack that would be able to send me whatever they want basically. If we just omit the very real life risks of poor server implementations and poor security attitudes of people using https for a moment, coming to the trust of CAs, then basically it is conceivable that a government or a big economical power for my part manages to obtain a false certificate from the root CA.

It is hard to assess this risk without being either naive or paranoid because we know very little about the CAs, but I think that realistically speaking it would come down to either getting a court order, which probably needs a specific investigation etc, which becomes a rather far fetched risk when it comes down to downloading an operating system. Or it comes down to stealing the private key of the CA without them finding out, which is difficult to assess, we can only hope that CAs and the auditors do some effort to make that hard to very hard. Or it comes down to having the CA giving out false certificates which means they are completely betraying all their users, their policy and lying about it, because at least Go Daddy and Verisign claim that they never even had such a request (http://www.wired.com/threatlevel/2010/03/packet-forensics/) by a law enforcement agency.

All in all, I don't trust CAs, but if I realistically assess the difference in difficulty of sending me tampered with stuff over http or https, and the number of people having the means of doing so, I would say there is a big, very big difference between the two.

For those who now start to write me to ask me how much I trust the people on my LAN, I can assure you that I have tightly wrapped them in tin foil, so I should be fine.

> Personally I have a higher trust in what Debian is shipping because I know how things work in Debian and I've met all the people involved and probably signed their keys myself.

That is not the case for the uttermost part of the population on this globe. The rest of us, if we care at all, have to form our opinion from what is publicly visible, like what is on the website, and the attitude in mailing lists like this.

> So I think your problems are:
> - The main website doesn't have https (because it's mirrored)
> - You don't trust our CA because your browser/OS doesn't have it.
> - The instructions to verify things might need to be updated.

My main problem is that by what is on the website and in this thread, I cannot find any practically achievable way of obtaining debian with any security level any higher than that of plain http. I don't quite see how changing the instructions to verify would alleviate that problem. On those instructions, I do have two remarks though.

1. They are in my opinion not comprehensible for a non-geek user. I think here also it might be worth having a look at the fedora website (https://fedoraproject.org/en/verify) because it seems they are doing a better job. It is still not perfect, but the instructions are more accessible.

2. On the security level, I do think that the debian instructions give a false notion of security because they don't give an assessment of security for the reader, they just give the impression that they allow the user to verify the download, which related to malicious intent actually is wrong. To spot this, the reader must know that md5 is insecure, and that the proposed manner of obtaining the debian key is actually not secure. Any reader that is capable of executing the instructions, but not knowledgeable enough to see these two dangers might be led to believe that they have actually safely verified their download where in fact they have not.

It is my
Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Sun, Jan 2, 2011 at 5:24 PM, Naja Melan najame...@gmail.com wrote:
> If we want to seriously speak of security, then we might conceive that at an operating system level, amongst many other things, the issue of getting it from the developer to the user without it being tampered with on the way is quite an important point, lest we ridicule ourselves. Currently this is how far I get on a practical level on this particular link of the security chain:
>
> 2. Some linux distros I see now do have certified https, like fedora which puts gpg fingerprints (SHA1) of their public keys on their certified website.
> 3. Other distros have md5 hashes over certified https, like ubuntu. (virtually a shared fourth place with debian)
> 4. debian, which for a general user which has not been able to in a safe way obtain a chain of trust to the Debian CD signing key (read: next to everyone), it boils down to, well, plain http!

HTTPS is going to make it harder for man-in-the-middle shenanigans, but that is only part of the path from the developer to the user. One also has to consider whether the project's servers have been tampered with - which tends to be the much more common attack (both Debian and RedHat / Fedora have experiences with this). HTTPS (certified or otherwise) connections to a compromised server mean that you are reasonably sure you're getting data from that compromised server. It does little to protect you from compromised data.

As an end user, you need some assurance of the integrity of the data you've downloaded. It really comes down to the signing key. And, more importantly, knowledge of how to handle and use that key. If anything, this might be an opportunity for better documentation on how to do that.

One thing I don't like about Fedora's documentation is blindly getting their signing key from their own server and trusting that key. It may be a practical compromise between security and function - especially for the uninitiated. But if I were as concerned as Naja is about such things, I would be more inclined to scrutinize that key a bit more to ensure that a bogus key isn't accompanying a modified ISO on a compromised server. Additional notes about how to do that (and that such concerns exist) might also be part of said documentation.

Also - I think this bears repeating since it seems to be overlooked in the above list. Debian does provide SHA1, SHA256, and SHA512 hashes as well as MD5 (all signed).
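The order of trust this message argues for (signing key first, then the signed hash list, then the image), together with Naja's point elsewhere in the thread that an attacker who swaps the ISO over plain http can swap an unsigned checksum file just as easily, as an added example that is not part of the thread or of Debian's own tooling. The file names, the tiny stand-in "ISO" and the in-memory copy of the publisher's list are constructed; gpg is not invoked, the signature check is a callable the caller supplies (in real use a wrapper around `gpg --verify SHA512SUMS.sign SHA512SUMS`).

```python
"""Verify a downloaded installation image against a Debian-style checksum
list (SHA256SUMS / SHA512SUMS) while keeping the order of trust explicit:
the hashes are only worth comparing after the detached signature on the
list (e.g. SHA512SUMS.sign) has verified against the CD signing key.

Added example for this thread, not Debian's own tooling.  gpg is not
invoked; the signature check is a callable the caller supplies (in real
use a wrapper around `gpg --verify SHA512SUMS.sign SHA512SUMS`), so the
code runs offline on constructed files.
"""
import hashlib
import os
import re
import tempfile
from typing import Callable, Dict

# coreutils line format: <hex digest><"  " or " *" for binary mode><filename>
_LINE_RE = re.compile(r"^([0-9a-fA-F]+) [ *](.+)$")

# Digests that still resist deliberate substitution.  MD5 and SHA-1 only
# catch transfer or burn errors, which is the distinction the thread draws.
STRONG = {"SHA256SUMS": "sha256", "SHA512SUMS": "sha512"}
WEAK = {"MD5SUMS": "md5", "SHA1SUMS": "sha1"}


def parse_sums(text: str) -> Dict[str, str]:
    """Return {filename: lowercase hex digest} parsed from SUMS-file text."""
    entries: Dict[str, str] = {}
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        m = _LINE_RE.match(line)
        if not m:
            raise ValueError(f"line {n}: not a checksum line: {line!r}")
        entries[m.group(2)] = m.group(1).lower()
    return entries


def file_digest(path: str, algo: str) -> str:
    """Stream the file through hashlib so multi-GB images need no RAM."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_image(sums_path: str, image_path: str,
                 signature_ok: Callable[[bytes], bool]) -> str:
    """Return "ok" when image_path matches a signed, strong checksum list.

    Raises ValueError naming the link in the chain that failed."""
    name = os.path.basename(sums_path)
    if name in WEAK:
        raise ValueError(f"{name}: {WEAK[name]} detects corruption, not tampering")
    if name not in STRONG:
        raise ValueError(f"{name}: unknown checksum file")
    with open(sums_path, "rb") as f:
        sums_bytes = f.read()
    # Without this step an attacker who serves a modified image simply
    # serves a matching checksum list, and the comparison below passes.
    if not signature_ok(sums_bytes):
        raise ValueError(f"{name}: detached signature did not verify")
    entries = parse_sums(sums_bytes.decode("utf-8"))
    fname = os.path.basename(image_path)
    if fname not in entries:
        raise ValueError(f"{fname}: not listed in {name}")
    if file_digest(image_path, STRONG[name]) != entries[fname]:
        raise ValueError(f"{fname}: digest mismatch")
    return "ok"


def demo(tamper: bool, sums_name: str = "SHA512SUMS") -> str:
    """Constructed scenario: a tiny stand-in 'ISO' and its checksum list.

    The publisher's genuine list is kept in memory and a byte-for-byte
    comparison with it stands in for gpg --verify.  With tamper=True a
    man-in-the-middle replaces both image and list: the digest still
    matches, so only the signature step can reject the download."""
    with tempfile.TemporaryDirectory() as d:
        iso = os.path.join(d, "debian-netinst.iso")   # constructed name
        sums = os.path.join(d, sums_name)
        with open(iso, "wb") as f:
            f.write(b"constructed genuine image bytes\n" * 64)
        genuine_sums = f"{file_digest(iso, 'sha512')}  debian-netinst.iso\n".encode()
        served_sums = genuine_sums
        if tamper:
            with open(iso, "wb") as f:
                f.write(b"constructed tampered image bytes\n" * 64)
            served_sums = f"{file_digest(iso, 'sha512')}  debian-netinst.iso\n".encode()
        with open(sums, "wb") as f:
            f.write(served_sums)
        try:
            return verify_image(sums, iso, lambda data: data == genuine_sums)
        except ValueError as exc:
            return str(exc)
```

`demo(True)` shows why the hash comparison alone proves nothing against a man-in-the-middle: the tampered image matches its tampered list and only the signature step fails.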
Fwd: Fwd: Fwd: question regarding verification of a debian installation iso
-- Forwarded message --
From: Robert Tomsick rob...@tomsick.net
Date: Mon, Jan 3, 2011 at 7:52 PM
Subject: Re: Fwd: Fwd: question regarding verification of a debian installation iso
To: Naja Melan najame...@gmail.com

On Mon, 2011-01-03 at 19:23 +0100, Naja Melan wrote:
> If the author of such instructions would be forced to justify say md5, I am quite confident that md5 would instantly be scrapped and replaced by a better algorithm and we would instantly already have better and safer instructions.

Given the attacks on MD5, it's useful as a check against corruption but basically useless against tampering. Implicitly suggesting otherwise (such as by presenting MD5 hashes as an alternative to SHA/RIPEMD hashes) is IMHO a rather bad idea, especially since the folks who need instructions on its use are likely to be unaware of its flaws. Still, this is a relatively minor issue since Debian also provides SHA-1 hashes alongside the MD5 ones.

As far as the problem of trust, I really don't understand why HTTPS isn't the default for the page(s) serving the checksums. Yes, there are still a ton of ways that the sums could be altered (compromise of project servers, CA coercion/negligence + MITM, shadowy cabals, etc.) -- but that doesn't mean that we shouldn't try to raise the bar for attackers!

Naja makes a good point: right now the only requirement to compromise a novice user's installation is to be able to conduct some form of MITM on their connection. If they're not a GPG user and download a Debian ISO over, say, a publicly-accessible wireless network or a sniffable LAN they're basically screwed -- at that point they've got to bank on not being worth attacking. Now it's true that that could be a pretty safe bet (it is for me) -- but I don't think it's one that we should force novice users to make.
Re: Fwd: Fwd: question regarding verification of a debian installation iso
Thanks for taking this subject seriously.

> HTTPS is going to make it harder for man-in-the-middle shenanigans, but that is only part of the path from the developer to the user. One also has to consider whether the project's servers have been tampered with - which tends to be the much more common attack (both Debian and RedHat / Fedora have experiences with this).

I totally agree, but from my position as an end user I can only start by raising the issues I can observe because I am confronted with them. I don't know the security policies for debian/fedora developers if those even exist or whether they are being executed properly. I can only raise a point and draw my conclusions from how serious it is being taken to assess the general trust I decide to put in a certain product.

> One thing I don't like about Fedora's documentation is blindly getting their signing key from their own server and trusting that key.

Hmm, I see your point, that is strange because on this page (https://fedoraproject.org/en/keys), one link down they actually point to keys.gnupg.net (http://http-keys.gnupg.net/) which is where I got the key. I suppose they just choose https, as the basis of their security, which obviously only protects the transporting. The key is signed by two other keys though but verification suffers from the same limitation as with debian of course.

> Also - I think this bears repeating since it seems to be overlooked in the above list. Debian does provide SHA1, SHA256, and SHA512 hashes as well as MD5 (all signed).

That is true and good, but these instructions (http://www.debian.org/CD/faq/#verify) only speak about md5, which means that the other hashes are probably only used by people who know why not use md5.

greetz,
naja
Fwd: Fwd: question regarding verification of a debian installation iso
Arto Artinian artin...@fastmail.fm :
> Hi Naja,
> I am not sure what your point is here? You don't trust pgp webs of trust, nor https, nor md5 checksums of debian sources. I mean, at some point if you want to use software that you didn't exclusively write and/or audit, you're gonna have to implicitly trust someone. If not, what's the alternative?
> Pano

My point is: If we want to seriously speak of security, then we might conceive that at an operating system level, amongst many other things, the issue of getting it from the developer to the user without it being tampered with on the way is quite an important point, lest we ridicule ourselves. Currently this is how far I get on a practical level on this particular link of the security chain:

1. Probably the safest thing to do is buy a mac or windows cd in the shop, although there is (for me) no way of knowing how safe that really is.
2. Some linux distros I see now do have certified https, like fedora which puts gpg fingerprints (SHA1) of their public keys on their certified website.
3. Other distros have md5 hashes over certified https, like ubuntu. (virtually a shared fourth place with debian)
4. debian, which for a general user which has not been able to in a safe way obtain a chain of trust to the Debian CD signing key (read: next to everyone), it boils down to, well, plain http!

Whenever I need to install a secure system, or advise someone on how to do that, I will have to pick something from that list or avoid using a computer altogether. MD5 is truly ridiculous, so I won't go into it (google search will). Https has like I said serious drawbacks that are unfortunately not known by the people using it, and unfortunately are not turned up easily by a web search. I would avoid having to go into details about it unless there is a true genuine need for a security review of https (amongst other reasons because I don't consider myself an expert).

So basically, security comes in levels. Truly secure we have nothing at the moment. Somewhat secure is https and web of trust. Not at all secure is md5 or plain http, when we are talking about releasing something to the public.

> You don't trust pgp webs of trust, nor https, nor md5 checksums of debian sources.

So, my point is I feel I want to avoid the not at all secure category if I can, and was wondering why that kept me from using debian. I thought I had just missed something. If I didn't, given the number of people choosing debian for secure systems, that is troublesome, and more so because if the lax attitude vs verifying the installation media is representative for the whole debian development, then I just want to steer away from it and start telling people to stop using it.

greetz,
naja melan
Re: Fwd: Fwd: question regarding verification of a debian installation iso
On Mon, Jan 03, 2011 at 12:24:16AM +0100, Naja Melan wrote:
> Arto Artinian artin...@fastmail.fm :
>> Hi Naja,
>> I am not sure what your point is here? You don't trust pgp webs of trust, nor https, nor md5 checksums of debian sources. I mean, at some point if you want to use software that you didn't exclusively write and/or audit, you're gonna have to implicitly trust someone. If not, what's the alternative?
>> Pano
>
> My point is: If we want to seriously speak of security, then we might conceive that at an operating system level, amongst many other things, the issue of getting it from the developer to the user without it being tampered with on the way is quite an important point, lest we ridicule ourselves. Currently this is how far I get on a practical level on this particular link of the security chain:
>
> 1. Probably the safest thing to do is buy a mac or windows cd in the shop, although there is (for me) no way of knowing how safe that really is.
> 2. Some linux distros I see now do have certified https, like fedora which puts gpg fingerprints (SHA1) of their public keys on their certified website.

We have various https sites which show you keys. But you need to have SPI's certificate in your web browser for that, which you probably don't have. You can find information about that at:
http://oldwww.spi-inc.org/secretary/

You can see the keys of all developers on:
https://db.debian.org/

I think you've also been pointed to:
https://ftp-master.debian.org/keys.html
Which contains the archive signing keys, but not the key to sign the CD releases.

You can use either of the above ways to verify the content of the CD.

So now you're at the point where all your trust starts from SPI's certificate. And to import that you end back at trusting a GPG signature and need the web of trust to verify that.

Like I said in a previous mail, all your trust starts from somewhere. You've downloaded a bunch of certificates that came with your web browser. Why do you trust them?

Kurt
Re: Fwd: Fwd: question regarding verification of a debian installation iso
Thanks for pointing out those servers. On a practical level I don't really see how it helps though, because I don't see a realistic way of getting the certificate of SPI onto my computer.

> You've downloaded a bunch of certificates that came with your web browser. Why do you trust them?

As I pointed out above there are many problems associated with https. Trusting the root certificates is one of those. Still the level of trust I have in them comes from:
a) getting them shipped to me in a secure or at least somewhat secure way (which is the whole point of this thread, remember)
b) some trust in the certification authorities and everyone that is supposed to check them, like auditors and browser/OS developers
c) some trust in developers that store and distribute them, like browser/OS developers to do that in a safe way

Admitted that is not much trust, but it is definitely more than plain http. Especially considering that an attacker must have it all set up beforehand. Downloading a linux distro does not leave sensitive traces afterwards. It's all about the moment of download.

Currently I'm installing fedora, because it seems that that is as good as it gets with https. Their site is very neat and informative in verifying their downloads, it all comes over certified https even extra tools like the liveusb-creator. This gives me at least a higher sense of trust than the current debian situation.

greetz
naja melan