[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSL for debian.org/security?

Djones Boni:
> A Debian THS is a good idea for the security it provides, not for 
> anonymity or down rate. It would be harder to someone MITM and hide
> updates from you. That is why Debian should use SSL (and THS).

Downloading apt-get updates over Tor hidden services would be awesome!

- Even when an adversary found a way to exploit apt-get's OpenPGP
verification, the exploit could not be used, because Tor hidden
services implement its own encryption/authentication.
- An adversary could not even know that someone is downloading apt-get
- We obscure more internet traffic, good for Tor (diversifying user
base and use cases), adding more hay to the haystack.
- It becomes more difficult to mount rollback/freeze attacks. We have
the valid-until field, but Tor HS would be a nice as defense in depth.

And before someone says, the Tor network does not want such kind of

Having my Whonix (a Debian derivative) hat on:
There is no such issue. One can use Tor to download updates. We asked
torproject.org, if it is okay to download operating system updates
over Tor, see [1] [2]. Andrew Lewman (Executive Director, Director,
press contact [3]) does also download a lot of updates over Tor and
did not complain. [4]

[1] https://lists.torproject.org/pipermail/tor-talk/2012-March/023486.html
[3] https://www.torproject.org/about/corepeople.html.en
[4] https://lists.torproject.org/pipermail/tor-talk/2012-March/023493.html

Reply to: