Re: Debian mirrors and MITM
On Fri, May 30, 2014, at 10:49 PM, Chris Boot wrote:
> >> The cryptographic signatures that are validated automatically by apt.
> >
> > What's stopping the attacker from serving a compromised apt?
>
> Oh god not this again.
>
> How exactly does using HTTPS solve this particular problem, anyway? If
> we assume a compromised APT then surely it can pass invalid SSL
> certificates as perfectly valid, too. It's not like sponsored attackers
> don't have access to all the SSL certificates they might ever want
> anyway.
By mandating HTTPS, it would prevent QuantumInsert and FoxAcid being
implemented during Debain installs and later package installs/updates.
If you're worried about SSL certificates being compromised, going down
the path of Debian self-signing its own certificate and distributed it
via SneakerNet would be a way to prevent it.
Alfie
--
Alfie John
alfiej@fastmail.fm
Reply to: