Re: [Tails-dev] Security implications: moving code from Ver…

Author: u
Date:  
To: tails-dev
Subject: Re: [Tails-dev] Security implications: moving code from Verification Extension to our website
Hi!

On 22.03.19 15:47, Nicolas Vigier wrote:
> On Fri, 22 Mar 2019, sajolida wrote:
>> Whether there's a security loss for the 20% of users who currently use
>> the extension is precisely what we are asking more opinions about.
>>
>> For example, jvoisin's primary reaction on this thread is that it
>> doesn't have any significant downsides.
>>
>> What makes you think that doing the verification in the extension would
>> be less secure than doing the verification on the website? What kind of
>> attacks are we talking about here?
>
> It seems the extension is currently only downloading an unsigned json
> file with https to verify the checksums, so someone controlling the
> website could return a bad json file.
Correct.

> So it looks like in both cases (the extension and javascript on the
> website), an attacker controlling the website could make it possible
> for a bad download to be seen as good by the user. However there is
> still maybe a small difference:
>  - with javascript on the website, an attacker controlling the website
>    could just disable the verification and claim that any download is
>    good.
Correct.

>  - with the extension, an attacker controlling the website could replace
>    the json file with one that contains a different checksum. However
>    they have to guess what the user will have downloaded from the mirrors,
>    which is maybe not easy if only one of the mirrors is bad. This is
>    assuming that the extension only accepts json files containing only
>    one value for the checksum, which I don't know if it is the case.
The JSON file can technically contain many files and their checksums.

> With the current version of the extension, I don't know if it makes a
> big difference. However if there was some plan to improve the extension
> to make it verify gpg signatures, then that could be a big difference.
Agreed.

Cheers!
u.