From: Alexander Leidinger
To: Peter Jeremy
Cc: freebsd-security@FreeBSD.org
Date: Thu, 01 Dec 2005 08:47:56 +0100
Subject: Re: Reflections on Trusting Trust
Message-ID: <20051201084756.rtmyuy7uvqoo44ck@netchild.homeip.net>
In-Reply-To: <20051201061530.GG32006@cirb503493.alcatel.com.au>

Peter Jeremy wrote:

> On Wed, 2005-Nov-30 19:42:50 +0100, Alexander Leidinger wrote:
>> But if you get the same *wrong* data (for the PGP keys it's
>> relatively easy to verify) from several locations (cvsup*.FreeBSD.org +
>> cvsweb.freebsd.org + www.freebsd.org, don't forget to check if they
>> point to a reasonable amount of different IP's;
>
> Keep in mind that for most people these addresses will all go through
> a single ISP. You need to check several locations via several
> different paths (eg home and work or maybe cross-check with a friend
> who uses a different ISP).

Yes.

>> the printed handbook
>> and the handbook on the release CDs), then you have other things to
>> worry about...
>
> I agree that if Agent Smith is out to get you then you have problems.
>
>> Assuming enough resources: ATM only by downloading all and diffing
>> them. If they all match, you are either busted already since the
>> attacker controls too much, or you can say the probability is high
>> enough that you got a copy of the original repository.
>
> This is non-trivial because the repository is not static and CVS
> doesn't store transaction logs that would allow you to reproduce the
> repository state at a point in time.

I didn't say it's easy. And you need a little bit of knowledge. But then
you "just" need to "diff -ru" and review the differences. This is not a
"true/false" test, so you need to do an amount of work and understand the
results.

I agree that this can be improved, but if you need this confidence *now*:
it's not that hard, just time consuming (depending on the amount of data
you want to verify, and at least for the pgp keys it's easy, since this
part of the repository doesn't change that often).

Bye,
Alexander.

-- 
http://www.Leidinger.net/  Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org/    netchild @ FreeBSD.org  : PGP ID = 72077137
Look out! Behind you!
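
The multi-copy comparison discussed in this message, as an added example that is not part of the original e-mail: it hashes every file in several downloaded copies and returns only the paths on which the copies disagree (including files missing from one copy), which is where a "diff -ru" and a manual review are then needed. The mirror labels, file names and file contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

def tree_digests(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                digests[os.path.relpath(full, root)] = hashlib.sha256(fh.read()).hexdigest()
    return digests

def compare_copies(copies):
    """copies: {label: directory}. Return {path: {digest_or_None: [labels]}}
    for every path on which the copies do not all agree."""
    per_copy = {label: tree_digests(root) for label, root in copies.items()}
    all_paths = set().union(*per_copy.values())
    disagreements = {}
    for path in sorted(all_paths):
        groups = defaultdict(list)
        for label, digests in per_copy.items():
            groups[digests.get(path)].append(label)  # None = file missing in that copy
        if len(groups) > 1:
            disagreements[path] = dict(groups)
    return disagreements

def demo():
    """Constructed sample: three 'mirror' copies; mirror-c has an altered key file."""
    with tempfile.TemporaryDirectory() as tmp:
        copies = {}
        for label in ("mirror-a", "mirror-b", "mirror-c"):
            root = copies[label] = os.path.join(tmp, label)
            os.makedirs(os.path.join(root, "doc"))
            key = b"altered key\n" if label == "mirror-c" else b"constructed key\n"
            with open(os.path.join(root, "doc", "pgpkeys.txt"), "wb") as fh:
                fh.write(key)
            if label != "mirror-b":  # mirror-b lags: this file is not there yet
                with open(os.path.join(root, "NEWS"), "wb") as fh:
                    fh.write(b"constructed\n")
        return compare_copies(copies)

if __name__ == "__main__":
    for path, groups in demo().items():
        print(path, {(d or "missing")[:12]: labels for d, labels in groups.items()})
```

An empty result only says the copies agree with each other; as the message notes, copies fetched over the same network path can all be wrong in the same way, and a missing file may just mean one mirror has not caught up.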