On Wed, Jan 14, 2015 at 02:32:07PM +0100, Enos D'Andrea wrote:
> "Buying a CD" in my case includes a 5.000 mile trip through multiple
> "five-eyes" nations, whose overzealous three letter agencies officially
> intercept physical shipments to install backdoors and hardware implants.
                                                        ^^^^^^^^^^^^^^^^^
> "Cross-checking" of OpenBSD commercial CD sets at present can only be
> partial, as no official full checksums seem to be provided. Even
> cross-checking *all* files referenced by the ISO filesystem would still
> allow a malicious boot sector to directly reference unallocated space.
No need to worry. They won't need to mess with the CDs since your
hardware is already bugged ;)
> Let's call a spade a spade: the worst-case scenario is an APT
> intercepting the shipment of a commercial CD set, substituting one or more
> CDs and repackaging it. Extremely unlikely for the average person,
> not-so-much for IT security consultants with important clients.
I understand where you're coming from, but what you're getting at is
out of scope of this project. Questions which tickle someone into
writing code to fix a problem are always well received. But if your
problem is targeted surveillance, then sorry, we simply can't fix
that any better than anyone else can, and we certainly can't fix
it by adding more code to the CD verification process.
Your scenario presents a political problem, not a technical one.
If you believe that targeted surveillance won't work on you if you
run a "verified" install of OpenBSD, you're fooling yourself.