Re: [Tails-dev] flaw in: Correlates several downloads of Tai…

Borrar esta mensaxe

Responder a esta mensaxe
Autor: intrigeri
Data:  
Para: The Tails public development discussion list
Asunto: Re: [Tails-dev] flaw in: Correlates several downloads of Tails signing key
hi,

adrelanos wrote (01 Nov 2012 12:44:45 GMT) :
> https://tails.boum.org/doc/get/trusting_tails_signing_key/index.en.html#index1h1


> As far I understand, this chapter assumes an adversary in a position to
> break SSL or strip SSL (and the user not noticing).


Implicitly, yes.

> With that assumption in mind, look at the graphic below.


> user <-> user ISP <-> internet <-> boum.org ISP <-> boum.org server
> MITM less likely for this route | no help for this route


> This suggestion does not help against an adversary able to tamper with
> traffic going through the boum.org ISP. No matter from which place the
> user visits boum.org, an adversary in that position can always tamper
> with the traffic.


Right.

Please note that it's generally harder to do it on boum.org's side
without many people noticing, than it is to do on the side of a given
targetted user.

> This is still a useful suggestion for many people. For example for
> people in censored countries, which get the key several times through
> different Tor nodes and trust that more than their own network.


> I think these limitations should be noted nonetheless.


I'm unsure it's worth making this part of the documentation more
heavy. Every word added to a documentation page decreases the chances
this page is read at all.

The part you are refering to is about "a simple technique to increase
the trust you can put in Tails signing key", which is pretty vague,
and does not do any false promises IMHO.

The part that follows (Using the OpenPGP Web of Trust) start with:

If you want to be extra cautious and really authenticate Tails
signing key in a stronger way than what standard HTTPS offers you,
you will need to use the OpenPGP Web of Trust.

So, I believe we already deal with the "if your adversary breaks SSL
at breakfast time, download correlation may not be enough" part.

Anyway, I'd be happy to review a patch that tries to improve the whole
thing without making the page too much heavier :)

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc