Question for app developers, like Enigmail etc. - Identicons

Peter Lebbing peter at digitalbrains.com
Tue Jun 13 14:16:46 CEST 2017


On 13/06/17 09:43, Stefan Claas wrote:
> Another thing i will do in the future, which i haven't read in popular
> tutorials,
> is that once checking the hash/sig of the provided package i will also hash
> the binaries after unpacking and print them out on a piece of paper, so
> that i
> can frequently check the values.

I use Open Source Tripwire for that. Its specification language is quite
lacking in my opinion, but it's not so bad that I start looking around
for a different solution. I've been using it for ages, and haven't
noticed any significant development on it since I started using it. As
far as I remember.

Note that someone in a position to replace your binaries is also in a
position to replace the sha256sum binary or whatever other binary you
are using to generate the hashes, so your hashes can just lie to you. As
can Tripwire.

And so I come to my other comment, in reply to:

>  So what i have learned from this whole
> thread, also about my proposal for identicons, i should buy me
> an offline computer, send Thunderbird/Enigmail to /dev/null
> and transfer signed/encrypted messages from my online usage
> computer with a USB stick to my offline computer and verify
> decrypt the messages there. :-)

Security is not an absolute. Quite the opposite: security is rather
simple economics. How much are you willing to spend on your protection,
and how much is an attacker willing to spend to compromise you? It's
that simple. There are some unpleasant little factors such as that you
need to do it right all the time, yet the attacker only needs to do it
right once. But in the end, it all boils down to: who is willing to go
that step further? As long as your secrets aren't very valuable, an
attacker will not want to spend a lot on obtaining those secrets; they'd
rather point their attention and money elsewhere.

So Tripwire is something that raises the cost of the attack; it's
defence in depth, not an absolute defence. And as the name suggests, if
the attacker doesn't notice Tripwire, they might well set off an alarm.
But if they notice it.... <snip>.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170613/4a7f3df7/attachment.sig>


More information about the Gnupg-users mailing list