Re: Preventing account takeovers through expired domains

On Tue, Feb 22, 2022 at 2:15 AM Demi Marie Obenour <demiobenour@xxxxxxxxx> wrote:
On 2/21/22 14:16, Vitaly Zaitsev via devel wrote:
> On 21/02/2022 19:25, Demi Marie Obenour wrote:
>> FIDO keys are significantly more secure than OTPs, and FAS should get
>> support for them.  OTPs are still phishable, whereas FIDO2 generally
>> isn’t.
>
> OTP is absolutely free. FIDO2 requires the purchase of a special
> hardware token.

One must remember that anyone in the packagers group can (with a
modicum of effort) get code execution on a huge number of machines,
and is thus an incredibly attractive target for phishing attacks.
Developing a roadmap to encourage, and eventually require, the use of
hardware authenticators to submit packages is a reasonable precaution
in this threat environment.  A hardware authenticator could be a FIDO2
token, smart card, etc.

While it may make sense from the security standpoint, we also need to factor in the community/economic factor for Fedora contributors. Requiring the use of a hardware key then means that contributors have to spend their money to buy such a key, adding an additional hurdle for them to go through. Having to get the hardware key may also be prohibitive for contributors coming from developing countries, or who are low-income/unemployed, where they may already have a computer to use, but the added cost of a new hardware key could be a large burden.

The only viable option I see for requiring the use of hardware keys would be if Red Hat (or another sponsor) provided them to packagers when needed. This is probably prohibitive to do for the entire packager group, so instead it would make more sense to focus on the group that would expose the largest amount of the distribution - the proven packager group. This set of packagers is a smaller group, and they would have shown a dedication to the community/Fedora in the past to be approved by FESCO. It would probably be easier to convince Red Hat/the Fedora Council to sponsor hardware keys for that core group than the community at large should the decision to require them be made.

-Ian

--
Sincerely,
Demi Marie Obenour (she/her/hers)
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure