[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debcheckroot v2.0 released

I have just released a̅tea v0.6: https://www.elstel.org/atea/ . It now implements SNI (Server Name Indication) and can thus also be successfully used to download files like my public gpg key from elstel.org.

atea tii-cert -rv https://cdimage.debian.org
TLSA record (first three bytes are for TLSA-mode): 03:01:01:0c:8e:2d:2b:49:50:6b:cc:77:f7:70:5d:ee:69:fe:a2:30:93:55:5e:88:a2:68:4c:79:8b:8c:e1:84:2b:32:6f hash of the server certificate: 7d:86:1f:c8:c6:d0:54:ec:74:81:3e:c4:0d:7e:14:45:50:1f:0d:0a:50:11:f1:44:bf:85:cc:6e:2f:8f:cd:ee certificate signature in TLSA record did not match (https://cdimage.debian.org)
server cert written to 'cdimage.debian.org-rogue.pem'.

The only site which is still making problems is cdimage.debian.org. Could any good Christ from the Debian community have a look at this issue. The server maintainers would need to complain about the rogue cert!

Am 04.03.20 um 20:57 schrieb Elmar Stellnberger:
If anyone wants to play with atea use it under GPLv3. I forgot to add the license header in the file but this email should entitle you to use the program under GPLv3.


Am 04.03.20 um 20:51 schrieb Elmar Stellnberger:
Hint: You can use -v to get a more verbose output if atea fails which includes the sha256 hash of the certificate (-vv would also be possible). From version 0.5 on atea should also do it without the --sys-keyfile option. For me atea succeeds with domains like mail.dotplex.com, secure.dotplex.de or web4.dotplex.com. Pages like ssl-tools.net do already cause problems and my own domain www.elstel.org could sometimes be reached em ordem and sometimes not (see the two certificates in the https://www.elstel.org/DANE/ tar file which have the same start and ending date, one of them is a rogue certificate). The only domain where I have never succeeded is cdimage.debian.org. Is it permanently spoofed or did the Debian maintainers just enter a wrong hash in the TLSA record?

Am 04.03.20 um 20:41 schrieb Elmar Stellnberger:
It would be a question if anyone has tried to download a SHA512SUMS file from cdimage.debian.org with atea? As it turned out downloading this file with tails/tor is NOT sufficient. I have verified a Debian Live 10.1.0 DVD image against the Debian 10.1.0 Install BD-DL I have. Debcheckroot reported several infected packages like mkinitramfs, ispell and several pam-modules though mounting the squashfs may already have triggered some malware.

Yours Sincerely
Elmar Stellnberger

Am 04.03.20 um 20:04 schrieb Elmar Stellnberger:
Hi folks

   You can now download the indicated program at https://www.elstel.org/atea/ and read some documentation at https://www.elstel.org/DANE/.

Kind Regards,

Am 17.01.20 um 16:52 schrieb Elmar Stellnberger:
Hi Cindy Sue! Hi folks!

   I must confess there is little you can do about missing emails with debcheckroot. You can spot rootkits with hindsight but intelligence can also break in and go without leaving any trace. What would to my mind be necessary for a more secure email communication is a better penetration of DANE. Many CAs are known to issue rogue certificates to secret services so the public key is the only thing that may be trustworthy of a certificate. If that public key is signed and bound to a domain with DNSSEC (this is then called DANE) it shall be safe. I would guess that email dispatching was If safe if encrypted and saved by DANE all the way to its target. F.i. it seems likely that intelligence just tries to halt email delivery if some suspicious email is in the queue until they have assessed what they wanna do about it. And it is questionable how those emails which seem to be sent successfully but which do not reach their target get lost.

    Something I as an end user can do about the emailing problem is to write and send my emails on a secure machine. If I am using webmail or an emailing program this requires to preconfigure certificates known to be safe and to only allow these. All CAs need to be disabled since the average user will never know which CAs issue rogue certificates. According to my knowledge any simple web page invocation immediately results in a cracked system if it is using a spoofed certificate which can not be excluded for any simple web search. Luckily my hoster provides DANE for the machines used for email delivery, webmailing and my website configuration panel. And I am still using a Debian 8 read only stick to boot such a secure system.

    Why the hell Debian 8? Isn`t that insecure? I believe it isn`t as long as I only visit these two web pages of my hoster. Unfortunately newer versions of Firefox have a special implementation for so called HSTS (http strict transport security) certificates. You can not add a security exception for such a certificate but you need to configure all dependent certification authorities for such a certificate. However with the first CA you acknowledge you compromise your system`s security. Older versions of Firefox did not have this bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1606802

   I am currently looking forward to test which versions of Debian 9 would work. Firefox from Debian 10 does no more work. If you have good luck your webmailing server supports DANE but does not use HSTS. Then you can use a current Debian. With Debian 8 you simply need to delete libnssckbi.so from libnss3 to disable all default CAs. You can not delete them by hand. If you do you need to mark every singleton CA but that does not prevent all deleted CAs to reappear a second after you have deleted them. That is why you needed to delete the .so. With newer versions of Firefox deleting libnssckbi.so does not stay without side effects: You can then not acknowledge security exceptions by hand any more. I have written a script to do that automatically though and I am likely to publish it at https://www.elstel.org/DANE/ in the future if sufficient interest is given in the issue. Once I know the last good Firefox version I could also approach to resolve the bug from above for newer Firefox versions. Unfortunately Dana Keeler has given this bug a resolved invalid so that it is unsure whether they would accept the bugfix upstreams. According to Dana`s comments the bug should in deed be marked as WONTFIX. That would be correct. If you like vote or comment for/on this bug.


Am 17.01.20 um 14:29 schrieb Cindy Sue Causey:
On 11/27/19, Elmar Stellnberger <estellnb@gmail.com> wrote:
Am 25.11.19 um 12:35 schrieb Patrick Schleizer:
Yes, forget about NSA and alike. Let's not assume quasi-omnipotent
attackers. That leads to defeatist mindset which isn't productive.
    I would not let myself be defeated easily. Who has thought about
emails in your inbox which are deleted before you can see them? Easily doable. They would just need to know your password. Or about outgoing emails which do not reach their target. As far as I have learnt to know
it you can see them in the sent folder but they never appear on the
other side, not even in the spam-box. The worse thing is however if
someone wants to contact you and you do not even know about it, the
other one just thinking you did not reply.

There have been two situations that, no, I can't name just this
second, so this is anecdotal material *until I stumble back upon* the
very real cases, BUT...

Twice in the last maybe six months, there has been chatter about the
receiving end's server(s) stopping the flow of incoming emails for
unknown reasons. The occurrences were purely "glitches", NOT on
purpose. It was either machine failure or accidentally
Human-instigated mis-code or something that provoked the situations.

End users found out when a sudden flood of sometimes OLD email
suddenly hit their email inboxes. The last one was just in last few
weeks. If and when I re-encounter that information, I'll post for
posterity. :)

As for the once formerly viewed and then now missing emails, been
there, done there. Things being what they are in my own #Life, I've
most definitely... "wondered" how the emails "disappeared" when they
are NOT something I would have EVER deleted. It affects very few, less
than a handful of correspondences.

Sanity is found in realizing I have a VERY LARGE inbox.. and I'm
surely just not using the right words for my queries. I've convinced
myself that I'm using words that convey the same thoughts as the
original messages but are not a search string-friendly match for the
specific words that were originally written. :)

Cindy :)

Attachment: cdimage.debian.org-rogue.pem
Description: application/x509-ca-cert

Reply to: