List:       secure-desktops
Subject:    Re: [Secure Desktops] Introducing a public db for software and firmware hashes
From:       Joanna Rutkowska <joanna () invisiblethingslab ! com>
Date:       2016-11-11 15:03:00
Message-ID: 20161111150259.GB2734 () work-mutt
On Fri, Nov 11, 2016 at 03:40:18PM +0100, Joanna Rutkowska wrote:
> Hi, I've recently created this simple repo:
> 
> https://github.com/rootkovska/codehash.db
> 
> ... which is an attempt to somehow address a problem of software and firmware
> "verifiability" (the word is somehow loaded, hence in quotation marks).
> 
> I imagine that once more and more vendors, such as e.g. Tails or Subgraph, or
> secure messenger app devs, or various firmware projects (coreboot, Trezor,
> OpenWRT, etc) agreed to stick to this format, we could expect each of them to
> submit hashes + signatures with each new release of their software.  These
> hashes would then be subsequently verified and submitted by other witnesses.
> Each person or organization will be free to host a repo similar to the one
> above, only with the "proofs" from the select witness they consider somehow
> trusted or meaningful.
> 
> Any comments welcome!
> 

I forgot to mention that I also plan to add a directory named: hall_of_shame/
to the repo, which should list all the projects that do really silly things. The
prime example being projects that automatically do, e.g.:

    wget http://some.url.org/some/file.tgz 

... and subsequently continue to unpack it and run make from it. WITHOUT
checking the hash or digital signature FIRST! And it's a little consolation if
the URL starts with an https:// or if 'git clone' is used instead -- in any case
we DO NOT want to trust the infrastructure and their admins, we only want to
trust hashes or digital signatures.

There are a surprisingly large number of projects that do the above. Such projects
can never be made trustworthy.

joanna.
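
The check the message asks for, as an added example (not part of the original post or of codehash.db): a fetched archive is unpacked only if its SHA-256 matches a digest pinned in the build script. The function names are hypothetical, the archive is assumed to be already downloaded, and the pinned digest is assumed to come from a source independent of the download server; verifying a digital signature is the other option the message names and is not shown.

```shell
#!/bin/sh
# Added example: verify a pinned SHA-256 BEFORE unpacking or running make.
# Function names are hypothetical; the pin must not come from the same
# server (or admin) that serves the archive.
LC_ALL=C; export LC_ALL

# sha256_of FILE -> prints the lowercase hex digest of FILE
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        shasum -a 256 < "$1" | cut -d' ' -f1
    fi
}

# verify_then_unpack ARCHIVE EXPECTED_SHA256 DESTDIR
# 0 = digest matched and archive unpacked
# 1 = digest mismatch, nothing extracted
# 2 = usage error (malformed pin, missing file), nothing extracted
verify_then_unpack() {
    archive=$1 expected=$2 dest=$3
    # Fail closed on a malformed pin: exactly 64 lowercase hex characters.
    case $expected in
        ''|*[!0-9a-f]*) echo "malformed SHA-256 pin" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "malformed SHA-256 pin" >&2; return 2; }
    [ -f "$archive" ] || { echo "no such file: $archive" >&2; return 2; }

    actual=$(sha256_of "$archive") || return 2
    if [ "$actual" != "$expected" ]; then
        echo "HASH MISMATCH for $archive" >&2
        echo "  expected $expected" >&2
        echo "  actual   $actual" >&2
        return 1
    fi
    # Only now is the archive content touched.
    mkdir -p -- "$dest" && tar -xzf "$archive" -C "$dest"
}

# Stand-alone use: ./verify.sh file.tgz <sha256> builddir && make -C builddir
if [ "$#" -eq 3 ]; then
    verify_then_unpack "$@"
fi
```
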
