On Fri, Feb 20, 2015 at 06:54:10PM +0100, Florian Pelz wrote: > On 02/20/2015 04:51 PM, Daniel Micay wrote: > > PKGBUILD checksums provide *zero*, yes *zero* security for the case > > that matters most, which is the build done by the packager. It does > > provide the ability for other people to verify that a MITM attack > > was not used to target a specific packager... but that is far, far > > less likely than a compromise of the sources on the upstream server > > and it can't do anything about that. > > > > I guess the likelihood depends on who the attacker and what their > motive is, but you are probably right. Still, checksums improve > security in cases that can matter if there is no better verification > from upstream. > > That said, if the security is verified another way, is there no need > to use SHA256 rather than MD5, because the latter should be enough for > ensuring there are no download errors? > > > Trust in certificate authorities is trust in many corporations and > > governments around the world. It's trust in tends of thousands of > > individuals with the ability to sign whatever they want. An > > attacker with the ability to perform a targeted MITM attack on a > > specific Arch developer likely has the ability to sign whatever > > they want. > > > > Any certificate authority caught signing fraudulent certificates would > no longer be trusted. They surely can, but they would not want to. > Unless you are an extremely high value target, I think CAs can be trusted. > > Greetings, > Florian CAs can, and have, deliberately issued fraudulent certificates. TrustWave is the only one that has been discovered doing this --- and that, only because they came forward on their own years after the fact. The security community generally agrees that many, many of the less reputable CAs have done or are doing this. TrustWave is, by the way, still trusted. In addition, there have been many, many fraudulent certificates issued by CAs that were not keeping their network secure. Such CAs rarely have their trust revoked in practice. The bottom line is that the CA network is large and complex, and your browser trusts thousands of CAs all over the world, including some that are... erm... sketchy. You seem to have an awful lot of confidence, considering the size of that attack surface. I'd be happy to continue this discussion, but we should split it into a separate topic. -Dolan
Attachment:
pgptt4_ze1XNi.pgp
Description: PGP signature