Re: xz backdoor

To: debian-devel@lists.debian.org
Subject: Re: xz backdoor
From: Bastian Blank <waldi@debian.org>
Date: Sun, 31 Mar 2024 09:21:56 +0200
Message-id: <[🔎] 20240331072156.lasu37crgaluzmcb@shell.thinkmo.de>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] ZgkLUpYx8qf9I_Jv@belkar.wrar.name>
References: <[🔎] ZgcgCR8uDPIXVJS_@akarlsso-mac.trudheim.com> <[🔎] 87a5mgkcn4.fsf@hope.eyrie.org> <[🔎] 875xx4k9bv.fsf@hope.eyrie.org> <[🔎] 36567ed4-7246-4466-9122-2934d6e9f18f@debian.org> <[🔎] Zgg3Gm0aGIdQCMua@bongo.bofh.it> <[🔎] 845606FD-868C-4509-A0B1-5B43228CACF7@riseup.net> <[🔎] 9b21d870fa7b67add8c4f52016012bd3@kvr.at> <[🔎] ZgjI6eznpC34xsbs@novelo> <[🔎] ZgkLUpYx8qf9I_Jv@belkar.wrar.name>

On Sun, Mar 31, 2024 at 12:05:54PM +0500, Andrey Rakhmatullin wrote:
> On Sat, Mar 30, 2024 at 11:22:33PM -0300, Santiago Ruano Rincón wrote:
> > As others have said, the best solution is to relay on HSW for handling
> > the cryptographic material.
> Aren't these answers to different questions?
> Not all attacks are about stealing the key or using it to sign unintended
> things.

Also a HSM does only allow to control access to the cryptographic
material.  But it asserts no control over what is actually signed.

So an attacker needs to wait until you ask the HSM it is okay to sign
something.

Bastian

-- 
War isn't a good life, but it's life.
		-- Kirk, "A Private Little War", stardate 4211.8

Reply to:

Follow-Ups:
- Re: xz backdoor
  - From: Simon Josefsson <simon@josefsson.org>
- Re: xz backdoor
  - From: Luca Boccassi <bluca@debian.org>

References:
- xz backdoor
  - From: Sirius <sirius@trudheim.com>
- Re: xz backdoor
  - From: Russ Allbery <rra@debian.org>
- Re: xz backdoor
  - From: Russ Allbery <rra@debian.org>
- Re: xz backdoor
  - From: Jonathan Carter <jcc@debian.org>
- Re: xz backdoor
  - From: Marco d'Itri <md@Linux.IT>
- Re: xz backdoor
  - From: Santiago Ruano Rincón <santiagorr@riseup.net>
- Re: xz backdoor
  - From: Christian Kastner <ckk@kvr.at>
- Re: xz backdoor
  - From: Santiago Ruano Rincón <santiagorr@riseup.net>
- Re: xz backdoor
  - From: Andrey Rakhmatullin <wrar@debian.org>

Prev by Date: Re: Validating tarballs against git repositories
Next by Date: Re: Is it allowed to remove attribution in public domain "licensed" source code? (and pondering about ftp-level reviews)
Previous by thread: Re: xz backdoor
Next by thread: Re: xz backdoor
Index(es):
- Date
- Thread