'Re: [qubes-devel] Re: GitLab'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qubes-devel
Subject:    Re: [qubes-devel] Re: GitLab
From:       Leo Gaspard <leo () gaspard ! io>
Date:       2017-05-13 19:53:56
Message-ID: 5cab07f8-63b0-a4aa-0ac1-9f484683ff65 () gaspard ! io
[Download RAW message or body]

[Attachment #2 (multipart/mixed)]


On 05/13/2017 09:40 PM, Andrew David Wong wrote:
> We agree, but we disagree about what constitutes "more security." We
> believe that what many people regard as "more security" is actually the
> illusion of security, and we believe that having more of the illusion of
> security is worse than having less of it.

I don't want to take a stance on this GitHub vs GitLab issue, but just a
fact that strikes me as a really recent Qubes user (something like a few
weeks):

There *is* need for security in the infrastructure.

Not when the Qubes system is running. Just during the first installation.

I didn't have the masterkey at hand. My solution has been to ask a few
people I know with different ISPs to check out the webpage with it, but
it is hosted by GitHub.

How, for trust initialization, am I to know 427F 11FD 0FAA 4B08 0123
F01C DDFA 1A3E 3687 9494 is actually Qubes master key and not GitHub's
MitM signing key?

Now I've made that leap of faith, but I knew no-one who could confirm it
to me, except... this GitHub web page.

From now on I can be pretty confident about always receiving the updates
and any of my future system being installed with the same OS, but that's
not helpful if the key was not actually Qubes' in the first place.

Even though identity continuity already makes attacks (way) harder, in
my opinion trust initialization can only be done by some amount of trust
in the infrastructure, that is not perfect security but should be enough
to reasonably assume the webpage is indeed showing the right fingerprint.

That said, whether GitLab would provide more or less confidence in this
is an entirely different debate, to which I'd rather avoid participating.

Cheers,
Leo

-- 
You received this message because you are subscribed to the Google Groups \
"qubes-devel" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to qubes-devel+unsubscribe@googlegroups.com. To post to this group, \
send email to qubes-devel@googlegroups.com. To view this discussion on the web visit \
https://groups.google.com/d/msgid/qubes-devel/5cab07f8-63b0-a4aa-0ac1-9f484683ff65%40gaspard.io.
 For more options, visit https://groups.google.com/d/optout.


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic