Re: Keysigning in times of COVID-19

To: debian-project@lists.debian.org
Subject: Re: Keysigning in times of COVID-19
From: Jonas Smedegaard <dr@jones.dk>
Date: Thu, 20 Aug 2020 12:13:56 +0200
Message-id: <[🔎] 159791843646.3529538.3507797184169759310@auryn.jones.dk>
In-reply-to: <[🔎] 874koxagix.fsf@hands.com>
References: <[🔎] 20200806155421.vb6prsd7gyjnbhmd@enricozini.org> <[🔎] 159768954219.3529538.3040549531150410986@auryn.jones.dk> <[🔎] 20200819133304.GA19329@pc181009.be.zetes.internal> <[🔎] 202008191204.27749.rhkramer@gmail.com> <[🔎] 874koxagix.fsf@hands.com>

Quoting Philip Hands (2020-08-20 10:05:42)
> rhkramer@gmail.com writes:
> 
> > On Wednesday, August 19, 2020 09:33:04 AM Wouter Verhelst wrote:
> >> If the term "malicious DD" is reasonable, we have a bigger problem 
> >> than "votes twice" or "uploads a backdoor".
> >> 
> >> aka, "a malicious DD exists" is already a problem.
> >
> > Do you have a suggested solution?
> >
> > I believe there are circumstances in which a non-malicious DD could 
> > evolve to a malicious DD.
> >
> > Or that a malicious DD could be very hard to detect if he didn't 
> > want to be detected (e.g., sociopath / psychopath).
> 
> Conjuring up a "mallicious DD" seems to carry with it the assumption 
> that only bad people do bad things, which seems naive to me.
> 
> This conversation reminds me of the trade-offs involved in airport 
> security.
> 
> One can decide to spend money on security theatre (e.g. expensive 
> scanners) or general resilience (e.g. more ambulances and emergency 
> responders). The former are much easier to point at, but the latter do 
> more to save lives because people having a medical emergency while 
> queing for checkin is _way_ more common than someone with actual 
> terrorist intent deciding to try to sneak an actual weapon through 
> security.
> 
> In this situation, tightening up our proceedures regarding keys 
> strikes me as much closer to the security theater end of the spectrum, 
> while efforts like Reproducible Builds are at the general resilience 
> end.
> 
> If I were a sociopath contemplating sabotage in the Free Software 
> sphere, going to the effort of becoming a DD, even for the first time, 
> would be nowhere near the top of my list.
> 
> Does DAM actually have any cases at all where they suspect a 
> previously expelled DD of trying to sneak back into the project under 
> a new ID?
> 
> If not, then either our proceedures are already broken enough that 
> temproarily slackening keysigning protocols won't make the slightest 
> difference, or the threat is probably not worth worrying about.

Seems to me you are addressing only the "uploads a backdoor".

Any opinion on the "votes twice" part? Anyone?


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

Attachment: signature.asc
Description: signature

Reply to:

Follow-Ups:
- Re: Keysigning in times of COVID-19
  - From: Russ Allbery <rra@debian.org>

References:
- Keysigning in times of COVID-19
  - From: Enrico Zini <enrico@enricozini.org>
- Re: Keysigning in times of COVID-19
  - From: Jonas Smedegaard <dr@jones.dk>
- Re: Keysigning in times of COVID-19
  - From: Wouter Verhelst <wouter@debian.org>
- Re: Keysigning in times of COVID-19
  - From: rhkramer@gmail.com
- Re: Keysigning in times of COVID-19
  - From: Philip Hands <phil@hands.com>

Prev by Date: Re: Keysigning in times of COVID-19
Next by Date: Re: Keysigning in times of COVID-19
Previous by thread: Re: Keysigning in times of COVID-19
Next by thread: Re: Keysigning in times of COVID-19
Index(es):
- Date
- Thread