Security Concern: Unsigned Windows Executable
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Jun 3 01:48:30 CEST 2009
On 06/02/2009 07:02 PM, Robert J. Hansen wrote:
> my "philosophical
> digression" is what lies at the bottom of that rabbit-hole.
I understand (and i very much appreciate the warning), but sometimes
it's useful to go a little way into the rabbit hole instead of all the
way to the bottom, no? otherwise, why bother with crypto software at
all, built as it is upon a teetering edifice of trust-in-others?
> Active MitM assumes that you have an attacker who is technically skilled
> and highly motivated.
I beg to differ. In today's wireless network, active MitM can be done
by a moderately-skilled hacker on a lark, or by an unskilled user who
can follow directions:
http://www.ex-parrot.com/~pete/upside-down-ternet.html
it's a small step from there to a script kiddie's bot on a WAP replacing
everything that looks like a windows executable or installer crossing
the network with a program of his own choosing (even a signed one!).
Even checking sha1sums from a web page would defeat this basic attack
though, which is why i think it's reasonable for the OP to ask his question.
The OP wanted to to know how to make a few more checks than zero,
forcing any possible attacker to be marginally more clever than the
hypothesized bot above.
> It is ludicrous to think that an attacker skilled
> enough to do active MitM and motivated enough to go after you directly
> would for some reason be constrained to play within the carefully
> defined box the crypto community has created. Rule number one of
> successful attacks: get outside the box.
But that's exactly the OPs point: "the box" on windows is a "signed
executable", whatever that is. Since gpg is distributed outside of that
framework, he's concerned that an attacker could exploit it.
Fortunately, we can offer the OP some other techniques to put things
back "in the box" of secured communications -- he still has to trust our
recommendations, but he can research those as well and make his own
decisions.
> If the OP is seriously concerned that there's an active MitM attack
> going on against him,
The MitM attack doesn't need to be "against him", it just needs to be
going on. Do you cryptographically check the integrity of software you
downoload? Do you check the host keys of machines you ssh into? these
are both reasonable actions, based on a concern that there may be an
active MitM attack.
> he needs get off the internet and obtain the
> professional services he needs to end the threat.
The OP may not have the resources to do what you're suggesting, or may
want to see what other options are available before resorting to such
lengths. Practical approaches exist, and while they are imperfect, they
do have an effect against some non-zero subset of real-world threats.
let's not overstate their capabilities (the phrase "100% secure" is
meaningless), but let's offer practical approaches even as we warn of
their limitations.
Regards,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090602/1aac69f0/attachment.pgp>
More information about the Gnupg-users
mailing list