Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-07 Thread Poul-Henning Kamp

In message <83e44188-6e0d-13cc-4b80-d191ac010...@rawbw.com>, Yuri writes:
>On 12/07/17 15:16, Jason Hellenthal wrote:
>> The truly paranoid types that don’t want anyone to know they are using 
>> FreeBSD apparently.
>>
>> Honestly if they are that worried about http then get a private vpn tunnel 
>> and run through that instead !
>
>
>Some people aren't aware that they use http, and enable Tor because they 
>think that it improves privacy. It's very easy to use such a setup 
>inadvertently.

And for this reason you want the FreeBSD project to take a politically
stupid position in the war between IT-liberalists and all the world's
governments ?

No thanks.

-- 
Poul-Henning Kamp   | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/IP since RFC 956
FreeBSD committer   | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
___
freebsd-security@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"


Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-07 Thread Yuri

On 12/07/17 15:16, Jason Hellenthal wrote:
> The truly paranoid types that don’t want anyone to know they are using FreeBSD 
> apparently.
>
> Honestly if they are that worried about http then get a private vpn tunnel and 
> run through that instead !

Some people aren't aware that they use http, and enable Tor because they 
think that it improves privacy. It's very easy to use such a setup 
inadvertently.

Yuri



Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-07 Thread Jason Hellenthal

The truly paranoid types that don’t want anyone to know they are using FreeBSD 
apparently.

Honestly if they are that worried about http then get a private vpn tunnel and 
run through that instead !

> On Dec 7, 2017, at 16:27, Poul-Henning Kamp wrote:
> 
> 
> In message <2a6d123c-8ee5-8e1e-d99b-4bce02345...@rawbw.com>, Yuri writes:
> 
>> The unfortunate FreeBSD user who updated his source tree through 
>> Tor [...]
> 
> Why would anybody do that in the first place ?
> 
> -- 
> Poul-Henning Kamp   | UNIX since Zilog Zeus 3.20
> p...@freebsd.org | TCP/IP since RFC 956
> FreeBSD committer   | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.


Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-07 Thread Poul-Henning Kamp

In message <2a6d123c-8ee5-8e1e-d99b-4bce02345...@rawbw.com>, Yuri writes:

>The unfortunate FreeBSD user who updated his source tree through 
>Tor [...]

Why would anybody do that in the first place ?

-- 
Poul-Henning Kamp   | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/IP since RFC 956
FreeBSD committer   | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.


Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-07 Thread Yuri

On 12/05/17 12:59, Yuri wrote:
I suggested this PR, but it got rejected: 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224097



http is insecure in its nature, and is an easy target for MITM. This 
is why https should be preferred. http needs to be discontinued and 
shut down because as long as it exists somebody will keep using it and 
will be in danger.



A few years ago the Wikimedia Foundation switched to https and discontinued 
http entirely: 
https://blog.wikimedia.org/2015/06/12/securing-wikimedia-sites-with-https 
I think this makes a lot of sense, and FreeBSD should do the same.



It's understood that a lot of arguments can be made for and against 
this, like with any other issue, but the security argument should outweigh 
most or all other arguments.




Let's forget about all the abstract arguments and considerations, and 
consider this concrete scenario:


Let's assume there is a malicious hacker who runs a malicious Tor 
exit node. In his attempt to spread malware, he watches all outbound 
http traffic for subversion requests to the domain FreeBSD.org. Once he 
detects such a request, he serves the maliciously patched versions of 
popular ports and kernel in the hope that they will be rebuilt locally and 
run. The unfortunate FreeBSD user who updated his source tree through 
Tor got infected. This couldn't possibly happen if the https protocol were in 
use, because the hacker is just a private person and doesn't have access 
to any CA authorities, and doesn't impersonate anybody.


Please justify the use of the http protocol in the face of this scenario.


Yuri


Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-07 Thread Poul-Henning Kamp

In message <867etyzlad@desk.des.no>, Dag-Erling Smørgrav writes:
>Gordon Tetlow writes:
>> Assertion of identity and encryption in transit are separate issues. [...]
>
>You can't have the latter without the former.  Assertion of identity is
>the only protection against MITM eavesdropping or tampering.

Or more generally:

If you don't/can't trust the other end, why would you trust them to
keep the communication secret ?

-- 
Poul-Henning Kamp   | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/IP since RFC 956
FreeBSD committer   | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.


Re: http subversion URLs should be discontinued in favor of https URLs

2017-12-07 Thread Dag-Erling Smørgrav

Gordon Tetlow writes:
> Assertion of identity and encryption in transit are separate issues. I
> do agree that identity is fundamentally broken with the existing CA
> system. I’m more interested in preventing tampering of data in
> transit. HTTPS is an easy way to do that.

You can't have the latter without the former.  Assertion of identity is
the only protection against MITM eavesdropping or tampering.

DES
-- 
Dag-Erling Smørgrav - d...@des.no