Re: Preventing account takeovers through expired domains

On 2/21/22 22:17, Ian McInerney via devel wrote:
> On Tue, Feb 22, 2022 at 2:15 AM Demi Marie Obenour <demiobenour@xxxxxxxxx>
> wrote:
> 
>> On 2/21/22 14:16, Vitaly Zaitsev via devel wrote:
>>> On 21/02/2022 19:25, Demi Marie Obenour wrote:
>>>> FIDO keys are significantly more secure than OTPs, and FAS should get
>>>> support for them.  OTPs are still phishable, whereas FIDO2 generally
>>>> isn’t.
>>>
>>> OTP is absolutely free. FIDO2 requires the purchase of a special
>>> hardware token.
>>
>> One must remember that anyone in the packagers group can (with a
>> modicum of effort) get code execution on a huge number of machines,
>> and is thus an incredibly attractive target for phishing attacks.
>> Developing a roadmap to encourage, and eventually require, the use of
>> hardware authenticators to submit packages is a reasonable precaution
>> in this threat environment.  A hardware authenticator could be a FIDO2
>> token, smart card, etc.
>>
> 
> While it may make sense from the security standpoint, we also need to
> factor in the community/economic factor for Fedora contributors. Requiring
> the use of a hardware key then means that contributors have to spend their
> money to buy such a key, adding an additional hurdle for them to go
> through. Having to get the hardware key may also be prohibitive for
> contributors coming from developing countries, or who are
> low-income/unemployed, where they may already have a computer to use, but
> the added cost of a new hardware key could be a large burden.
> 
> The only viable option I see for requiring the use of hardware keys would
> be if RedHat (or another sponsor) provided them to packagers when needed.
> This is probably prohibitive to do for the entire packager group, so
> instead it would make more sense to focus on the group that would expose
> the largest amount of the distribution - the proven packager group. This
> set of packagers is a smaller group, and they would have shown a dedication
> to the community/Fedora in the past to be approved by FESCO. It would
> probably be easier to convince Redhat/the Fedora Council to sponsor
> hardware keys for that core group than the community at large should the
> decision to require them be made.
> 
> -Ian
Proven packagers are definitely a good place to start, along with
maintainers of core packages such as glibc.  Next should be the
maintainers of any package that is a dependency (either at build-time
or runtime) of any package that is either (1) included in any default
install or (2) used in Fedora’s own infrastructure.  That leaves the
Supplements: hole still open, which needs to be dealt with some other
way.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
