ftp down

Jacob Bachmeyer jcb62281 at gmail.com
Fri Aug 23 02:12:37 CEST 2024


Björn Persson wrote:
> Jacob Bachmeyer via Gnupg-users wrote:
>   
>> Unlike HTTP, FTP is /not/ subject to simple Man-on-the-Side attacks 
>> (which motivated the rush to HTTPS) because there is no in-protocol 
>> redirect.
>>     
>
> So FTP isn't vulnerable to that particular attack,

... which is important because that particular attack (and a 
whistleblower reporting that it had been deployed on a large scale) was 
most of the motivation for the rush to HTTPS.

>  and attackers have
> to resort to TCP hijacking or DNS poisoning or BGP hijacking or
> whatever.

All of which are far more detectable than the simple Man-on-the-Side 
attack.  BGP hijacking and DNS poisoning in particular are likely to 
affect large numbers of users.  That itself can be a deterrent.  
Remember that the threat model here is substituting a backdoored GPG.  
Such an attacker loses if the attack is merely /discovered/.  Each user 
affected increases the risk of discovery.

>  Without cryptography there is no security.

Yes, and the transport by which GPG is delivered is already untrusted, 
thus the signatures on the tarballs and the digests in the release 
announcements.

>  Anyone who wants
> to argue in favor of FTP from a security point of view should at least
> argue for FTP over TLS.
>   

I specifically addressed that TLS is of little or no benefit to the 
distribution of GPG.  It does not even provide privacy as to what was 
downloaded, because passive traffic analysis reveals a connection to the 
GPG distribution server and that N bytes were received, which is likely 
enough information to determine /which/ tarball a client downloaded.

> [...]
>> I would encourage resuming FTP distribution, since I see no plausible 
>> security benefit to omitting it.
>>     
>
> For the download use case, I see no plausible benefit to providing FTP
> service in addition to HTTPS. A web server plus an FTP server will
> always be a larger attack surface than only the web server. I recommend
> leaving the FTP server off.

FTP is a longstanding and simple protocol; accordingly, FTP servers were 
all hardened long ago.  The incremental risk is slight, compared to the 
complexity of a modern httpd.  Especially if the FTP server can be 
further sandboxed using SELinux or similar, since it should need no 
write access whatsoever:  logs can be sent through syslog if needed or 
simply not kept at all.

I stand by my previous recommendation.


-- Jacob
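The point made above, that the transport is untrusted and the trust sits in the tarball signatures and the announcement digests, as an added example that is not part of the thread: a Python check of a download against a digest line from a constructed announcement, plus a `gpg --verify` call for the detached signature when gpg is installed (the release signing key being in the local keyring is assumed).

```python
"""Added example (not code from the thread): check a downloaded tarball
against the announcement's SHA-256 digest and, if gpg is present, its
detached OpenPGP signature.  Tarball bytes and announcement are constructed."""
import hashlib
import re
import shutil
import subprocess
import tempfile
from pathlib import Path

GENUINE = b"constructed stand-in for gnupg-X.Y.Z.tar.bz2\n"
# Digest the maintainer would publish in the (signed) announcement mail.
ANNOUNCEMENT = ("Digests (constructed sample):\n"
                f"{hashlib.sha256(GENUINE).hexdigest()}  gnupg-X.Y.Z.tar.bz2\n")
DIGEST_LINE = re.compile(r"^([0-9a-f]{64})\s+(\S+)$")

def parse_announcement(text):
    """Map filename -> expected hex digest from sha256sum-style lines."""
    return {m.group(2): m.group(1)
            for m in map(DIGEST_LINE.match, text.splitlines()) if m}

def verify_digest(path, announcement):
    """(ok, reason): the transport is untrusted, so only a digest taken
    from the announcement says the received bytes are the released ones."""
    expected = parse_announcement(announcement).get(Path(path).name)
    if expected is None:
        return False, "file not listed in announcement"
    actual = hashlib.sha256(Path(path).read_bytes()).hexdigest()
    if actual != expected:
        return False, "digest mismatch: " + actual[:16] + "..."
    return True, "digest matches announcement"

def verify_signature(tarball, sig):
    """True/False from gpg --verify, None if gpg is unavailable.  Assumes
    the release signing key is already in the local keyring."""
    if shutil.which("gpg") is None:
        return None
    proc = subprocess.run(["gpg", "--verify", str(sig), str(tarball)],
                          capture_output=True)
    return proc.returncode == 0

def demo():
    """Verify a genuine download, then a substituted one; return both."""
    with tempfile.TemporaryDirectory() as d:
        path = Path(d, "gnupg-X.Y.Z.tar.bz2")
        path.write_bytes(GENUINE)
        genuine = verify_digest(path, ANNOUNCEMENT)
        path.write_bytes(GENUINE + b"# substituted by attacker\n")
        tampered = verify_digest(path, ANNOUNCEMENT)
    return genuine, tampered
```

Whichever transport delivered the bytes, the check is the same: a substituted tarball fails the digest comparison, and the digest itself is only as trustworthy as the signed announcement it was copied from.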