Foiling MITM attacks on source and ports trees

cpghost cpghost at cordula.ws
Fri Jan 2 16:20:39 PST 2009


On Fri, Jan 02, 2009 at 10:53:29PM +0100, Wojciech Puchar wrote:
> >> other ways to compromise Your systems.
> >>
> >> if one really cares then make your VPN for all your computers, use one that
> >> is unknown for others to download portsnap etc. and then use rsync to
> >> populate it to other machines.
> >
> > I'm already getting the files from one location and disseminate
> > them via rsync-over-SSH-over-VPNs to the server farms. But the
> > problem is the initial download from a cvsup mirror. That's the
> > one I'm really concerned with.
> 
> just use a widely-"unknown" computer like your private one, even better - 
> something that has a dynamic IP :)

You wouldn't log in to your bank and rely on the assumption that
your connection is NOT being actively monitored and that data
could potentially be modified en-route. That's why such connections
are always SSL-encoded, and why iTANs and other means are being
used: the underlying TCP connection is ASSUMED to be insecure
by default, and that is prudent to do.

As an example: many UK users were surprised a little while ago to
learn that their traffic was potentially being filtered by big
transparent proxies, when some watchdog organisation required their
ISPs to do so:

http://en.wikipedia.org/wiki/Internet_Watch_Foundation_and_Wikipedia

If this is technically possible (and it is), then you want a way to
know that the sources you've downloaded in your country ARE actually
the sources that are on the mirror or master sites, and have not been
modified on-the-fly by similar technology.

This is important, really important, and not only for individuals, but
also for companies that want to avoid industrial espionage and some
such. It's also vital for individuals in countries with repressive
regimes that want to routinely spy on their Internet users.

That's why signed trusted lists of digests are needed: basically, you
can't rely on the ISPs NOT to interfere with your traffic (and it
doesn't matter if they're compelled by law to do it, or if they or
some interloper did it illegally).

It's a matter of being confident that what you've downloaded was
actually also what you've asked for. ;)

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
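
How a client could use a signed list of digests of the kind argued for above, as an added example that is not part of the original post: the signature on the manifest is checked first, and only then is each downloaded file compared against it. The toy RSA key, the file names and all function names are constructed for illustration; a real setup would use a proper signature tool (GnuPG, for example) and a public key obtained out of band.

```python
import hashlib

# Constructed toy RSA key (two Mersenne primes) standing in for the
# publisher's real signing key. Far too small for real use; it only keeps
# the example self-contained and runnable offline.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, publisher only


def digest_int(data: bytes) -> int:
    """SHA-256 of data as an integer reduced into the toy key's range."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def build_manifest(files: dict) -> bytes:
    """Publisher side: one 'sha256  name' line per file, sorted by name."""
    lines = [f"{hashlib.sha256(files[n]).hexdigest()}  {n}" for n in sorted(files)]
    return ("\n".join(lines) + "\n").encode()


def sign_manifest(manifest: bytes) -> int:
    """Publisher side: sign the digest list with the private exponent."""
    return pow(digest_int(manifest), D, N)


def verify_download(files: dict, manifest: bytes, signature: int) -> list:
    """Client side: return sorted names of files that fail verification.

    Raises ValueError if the manifest is not authentic; its digests are
    not consulted until the signature has been checked.
    """
    if pow(signature, E, N) != digest_int(manifest):
        raise ValueError("manifest signature invalid")
    rows = (l.split("  ", 1) for l in manifest.decode().splitlines())
    expected = {name: digest for digest, name in rows}
    bad = [n for n, d in expected.items()
           if n not in files or hashlib.sha256(files[n]).hexdigest() != d]
    bad += [n for n in files if n not in expected]  # unlisted extra files
    return sorted(bad)


# Constructed sample tree as it exists on the master site.
TREE = {
    "Makefile": b"all:\n\tcc -o prog main.c\n",
    "main.c": b"int main(void){return 0;}\n",
}
MANIFEST = build_manifest(TREE)
SIGNATURE = sign_manifest(MANIFEST)
```

A file altered in transit is reported by name, while a manifest regenerated to match the altered tree fails the signature check, because whoever sits on the path does not hold the private key.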


More information about the freebsd-questions mailing list