ftp down
Jacob Bachmeyer
jcb62281 at gmail.com
Fri Aug 23 02:12:37 CEST 2024
Björn Persson wrote:
> Jacob Bachmeyer via Gnupg-users wrote:
>
>> Unlike HTTP, FTP is /not/ subject to simple Man-on-the-Side attacks
>> (which motivated the rush to HTTPS) because there is no in-protocol
>> redirect.
>>
>
> So FTP isn't vulnerable to that particular attack,
... which is important because that particular attack (and a
whistleblower reporting that it had been deployed on a large scale) was
most of the motivation for the rush to HTTPS.
> and attackers have
> to resort to TCP hijacking or DNS poisoning or BGP hijacking or
> whatever.
All of which are far more detectable than the simple Man-on-the-Side
attack. BGP hijacking and DNS poisoning in particular are likely to
affect large numbers of users. That itself can be a deterrent.
Remember that the threat model here is substituting a backdoored GPG.
Such an attacker loses if the attack is merely /discovered/. Each user
affected increases the risk of discovery.
> Without cryptography there is no security.
Yes, and the transport by which GPG is delivered is already untrusted,
thus the signatures on the tarballs and the digests in the release
announcements.
> Anyone who wants
> to argue in favor of FTP from a security point of view should at least
> argue for FTP over TLS.
>
I specifically addressed that TLS is of little or no benefit to the
distribution of GPG. It does not even provide privacy as to what was
downloaded, because passive traffic analysis reveals a connection to the
GPG distribution server and that N bytes were received, which is likely
enough information to determine /which/ tarball a client downloaded.
> [...]
>> I would encourage resuming FTP distribution, since I see no plausible
>> security benefit to omitting it.
>>
>
> For the download use case, I see no plausible benefit to providing FTP
> service in addition to HTTPS. A web server plus an FTP server will
> always be a larger attack surface than only the web server. I recommend
> leaving the FTP server off.
FTP is a longstanding and simple protocol; accordingly, FTP servers were
all hardened long ago. The incremental risk is slight, compared to the
complexity of a modern httpd. Especially if the FTP server can be
further sandboxed using SELinux or similar, since it should need no
write access whatsoever: logs can be sent through syslog if needed or
simply not kept at all.
I stand by my previous recommendation.
-- Jacob