
Re: SSL for debian.org/security?
Djones Boni:
> A Debian THS is a good idea for the security it provides, not for
> anonymity or down rate. It would be harder for someone to MITM and hide
> updates from you. That is why Debian should use SSL (and THS).

Downloading apt-get updates over Tor hidden services would be awesome!

- Even when an adversary found a way to exploit apt-get's OpenPGP
verification, the exploit could not be used, because Tor hidden
services implement their own encryption/authentication.
- An adversary could not even know that someone is downloading apt-get
updates.
- We obscure more internet traffic, good for Tor (diversifying user
base and use cases), adding more hay to the haystack.
- It becomes more difficult to mount rollback/freeze attacks. We have
the valid-until field, but Tor HS would be nice as defense in depth.

And before someone says that the Tor network does not want this kind of
traffic...

Having my Whonix (a Debian derivative) hat on:
There is no such issue. One can use Tor to download updates. We asked
torproject.org if it is okay to download operating system updates
over Tor, see [1] [2]. Andrew Lewman (Executive Director, Director,
press contact [3]) also downloads a lot of updates over Tor and
did not complain. [4]

[1] https://lists.torproject.org/pipermail/tor-talk/2012-March/023486.html
[2] https://lists.torproject.org/pipermail/tor-talk/2012-March/subject.html#23507
[3] https://www.torproject.org/about/corepeople.html.en
[4] https://lists.torproject.org/pipermail/tor-talk/2012-March/023493.html
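The post mentions the Release file's valid-until field as the existing defence against rollback/freeze attacks. The following is an added example, not part of the original mail or of apt itself, showing what that check amounts to: parse the top-level fields of an APT Release file and flag a file that has expired (freeze), that is older than the last one seen (rollback), or that lacks a Valid-Until field altogether. The Release text and all dates are constructed for this example; the zero SHA256 digest is a placeholder, not a real checksum.

```python
"""Freeze/rollback check on an APT Release file (added example, not apt code)."""
from email.utils import parsedate_to_datetime

# Constructed sample Release file; values are invented for this example.
# Dates must carry a timezone (as real Release files do) so comparisons
# are between timezone-aware datetimes.
SAMPLE_RELEASE = """\
Origin: Debian
Label: Debian-Security
Suite: stable
Codename: wheezy
Date: Sat, 15 Jun 2013 08:13:29 UTC
Valid-Until: Sat, 22 Jun 2013 08:13:29 UTC
Architectures: amd64 i386
Components: updates/main
Description: Debian 7 Security Updates (constructed sample)
SHA256:
 0000000000000000000000000000000000000000000000000000000000000000 12345 updates/main/binary-amd64/Packages
"""


def parse_release(text):
    """Return the top-level 'Key: value' fields of a Release file.

    Hash-list entries are indented continuation lines and are skipped;
    only the header-style fields are needed for the freshness check.
    """
    fields = {}
    for line in text.splitlines():
        if not line or line[0].isspace():
            continue
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def check_freshness(release_text, now_rfc2822, last_seen_date=None):
    """Return a list of problems; an empty list means the file looks fresh.

    now_rfc2822 and last_seen_date are RFC 2822 date strings in the same
    format the Release file uses, so the caller can pin 'now' for testing.
    """
    fields = parse_release(release_text)
    now = parsedate_to_datetime(now_rfc2822)
    problems = []

    if "Date" not in fields:
        return ["no Date field"]
    date = parsedate_to_datetime(fields["Date"])

    # A Release file dated in the future is suspicious in its own right.
    if date > now:
        problems.append("Date is in the future")

    # Freeze attack: the mirror keeps serving an old, still-signed file.
    if "Valid-Until" in fields:
        valid_until = parsedate_to_datetime(fields["Valid-Until"])
        if now > valid_until:
            problems.append("Release file expired (possible freeze attack)")
    else:
        problems.append("no Valid-Until field: freeze attacks cannot be detected")

    # Rollback attack: an older, still-signed file replaces a newer one.
    if last_seen_date is not None:
        if date < parsedate_to_datetime(last_seen_date):
            problems.append("Date older than previously seen release (possible rollback)")

    return problems


if __name__ == "__main__":
    for now in ("Mon, 17 Jun 2013 12:00:00 UTC", "Mon, 24 Jun 2013 12:00:00 UTC"):
        print(now, "->", check_freshness(SAMPLE_RELEASE, now) or "fresh")
```

apt performs the Valid-Until part of this check itself (the Acquire::Check-Valid-Until option, enabled by default); the point of the example is to make visible what that field buys and what it cannot catch, namely a replay of an older file that is still inside its validity window, which is why the mail argues for an authenticated transport as a second layer.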