Re: [gentoo-dev] [PATCH 2/2] git-r3.eclass: Explicitly warn about unsecure protocols
On Fri, 25 Aug 2017 17:46:01 +0200 Hanno Böck wrote:
> On Wed, 23 Aug 2017 11:46:02 +0300
> Andrew Savchenko wrote:
>
> > Sigh... https also makes MITM attacks possible, especially if SSL
> > or TLS < 1.2 is used or are allowed and protocol version downgrade
> > attack may be performed.
>
> None of that is true.
>
> You're probably referring to attacks that were specific to certain
> browser weaknesses, but they're irrelevant for this use case.

Some attacks are indeed implementation specific, but there are several
which are design flaws, e.g.:

1) BEAST attack[1]: TLS 1.0 is vulnerable regardless of implementation
(and all SSL versions).

2) BREACH attack[2]: basically this is a side-channel attack for
compressed traffic. All TLS versions are still vulnerable, the only
practical mitigation is to disable compression. It can be argued if
this is a vulnerability in TLS or TLS protocol has nothing to do with
side channels, but if a protocol is vulnerable to a side-channel
implementation-agnostic attack, it is considered by many as a protocol
misdesign.

Really SSL/TLS are very good examples of how crypto solutions should
not be designed and implemented.

[1] https://www.gracefulsecurity.com/what-is-beast/
[2] http://breachattack.com/

Best regards,
Andrew Savchenko

Re: [gentoo-dev] [PATCH 2/2] git-r3.eclass: Explicitly warn about unsecure protocols
On Fri, 25 Aug 2017 15:51:25 +0200 Michał Górny wrote:
> On Wed, 23.08.2017 at 11:46 +0300, Andrew Savchenko wrote:
> > On Sat, 19 Aug 2017 10:25:02 +0200 Michał Górny wrote:
> > > Explicitly warn about any URI that uses an unsecure protocol (git, http)
> > > even if it's a fallback URI. This is necessary because an attacker may
> > > block HTTPS connections, effectively forcing the fallback to
> > > the unsecure protocol.
> >
> > [...]
> > > + local r > > > + for r in "${repos[@]}"; do > > > + if [[ ${r} == git:* || ${r} == http:* ]]; then > > > + ewarn "git-r3: ${r%%:*} protocol in unsafe and may be > > > subject to MITM attacks" > > > + ewarn "(even if used only as fallback). Please use > > > https instead." > > > + ewarn "[URI: ${r}]" > > > + fi > > > + done > > > +
> >
> > Sigh... https also makes MITM attacks possible, especially if SSL
> > or TLS < 1.2 is used or are allowed and protocol version downgrade
> > attack may be performed.
> >
> > Such messages create a false impression of a safety of https.
> > Safety more or less can be gained by verifying GPG signatures and
> > fingerprints of the upstream commits, if upstream supports this. Of
> > course using https is better than using http or git, but better
> > only by a bit.
> >
>
> Yes, we can do a whole long debate about problems with HTTPS. Yes, we
> can do an even longer debate about all those fancy solutions that solve
> all the problems in the world, except they're completely not applicable
> in practice. People will become a lot wiser and/or depressed.
>
> However, I'd rather do what I can practically do to make a real
> difference. And I believe that making things a little safer is better
> than claiming that nothing is safe, so let's just abandon all hope
> and continue using completely unsecured protocols.

I agree that it is better to have some improvement rather than nothing.

> Nevertheless, I've changed the wording a bit to avoid giving this 'false
> impression' that https is entirely secure.

Thanks, that was my main intent: to have correct docs.

Best regards,
Andrew Savchenko

Re: [gentoo-dev] [PATCH 2/2] git-r3.eclass: Explicitly warn about unsecure protocols
On Wed, 23 Aug 2017 11:46:02 +0300 Andrew Savchenko wrote:
> Sigh... https also makes MITM attacks possible, especially if SSL
> or TLS < 1.2 is used or are allowed and protocol version downgrade
> attack may be performed.

None of that is true.

You're probably referring to attacks that were specific to certain
browser weaknesses, but they're irrelevant for this use case.

--
Hanno Böck
https://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Re: [gentoo-dev] [PATCH 2/2] git-r3.eclass: Explicitly warn about unsecure protocols
On Wed, 23.08.2017 at 11:46 +0300, Andrew Savchenko wrote:
> On Sat, 19 Aug 2017 10:25:02 +0200 Michał Górny wrote:
> > Explicitly warn about any URI that uses an unsecure protocol (git, http)
> > even if it's a fallback URI. This is necessary because an attacker may
> > block HTTPS connections, effectively forcing the fallback to
> > the unsecure protocol.
>
> [...]
> > + local r > > + for r in "${repos[@]}"; do > > + if [[ ${r} == git:* || ${r} == http:* ]]; then > > + ewarn "git-r3: ${r%%:*} protocol in unsafe and may be > > subject to MITM attacks" > > + ewarn "(even if used only as fallback). Please use > > https instead." > > + ewarn "[URI: ${r}]" > > + fi > > + done > > +
>
> Sigh... https also makes MITM attacks possible, especially if SSL
> or TLS < 1.2 is used or are allowed and protocol version downgrade
> attack may be performed.
>
> Such messages create a false impression of a safety of https.
> Safety more or less can be gained by verifying GPG signatures and
> fingerprints of the upstream commits, if upstream supports this. Of
> course using https is better than using http or git, but better
> only by a bit.
>

Yes, we can do a whole long debate about problems with HTTPS. Yes, we
can do an even longer debate about all those fancy solutions that solve
all the problems in the world, except they're completely not applicable
in practice. People will become a lot wiser and/or depressed.

However, I'd rather do what I can practically do to make a real
difference. And I believe that making things a little safer is better
than claiming that nothing is safe, so let's just abandon all hope
and continue using completely unsecured protocols.

Nevertheless, I've changed the wording a bit to avoid giving this 'false
impression' that https is entirely secure.

--
Best regards,
Michał Górny

Re: [gentoo-dev] [PATCH 2/2] git-r3.eclass: Explicitly warn about unsecure protocols
On Sat, 19 Aug 2017 10:25:02 +0200 Michał Górny wrote:
> Explicitly warn about any URI that uses an unsecure protocol (git, http)
> even if it's a fallback URI. This is necessary because an attacker may
> block HTTPS connections, effectively forcing the fallback to
> the unsecure protocol.

[...]
> + local r > + for r in "${repos[@]}"; do > + if [[ ${r} == git:* || ${r} == http:* ]]; then > + ewarn "git-r3: ${r%%:*} protocol in unsafe and may be > subject to MITM attacks" > + ewarn "(even if used only as fallback). Please use > https instead." > + ewarn "[URI: ${r}]" > + fi > + done > +

Sigh... https also makes MITM attacks possible, especially if SSL
or TLS < 1.2 is used or are allowed and protocol version downgrade
attack may be performed.

Such messages create a false impression of a safety of https.
Safety more or less can be gained by verifying GPG signatures and
fingerprints of the upstream commits, if upstream supports this. Of
course using https is better than using http or git, but better
only by a bit.

Best regards,
Andrew Savchenko

[gentoo-dev] [PATCH 2/2] git-r3.eclass: Explicitly warn about unsecure protocols
Explicitly warn about any URI that uses an unsecure protocol (git, http) even if it's a fallback URI. This is necessary because an attacker may block HTTPS connections, effectively forcing the fallback to the unsecure protocol. --- eclass/git-r3.eclass | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/eclass/git-r3.eclass b/eclass/git-r3.eclass index 42b586811368..1eb0baedc67f 100644 --- a/eclass/git-r3.eclass +++ b/eclass/git-r3.eclass @@ -570,6 +570,15 @@ git-r3_fetch() { [[ ${repos[@]} ]] || die "No URI provided and EGIT_REPO_URI unset" + local r + for r in "${repos[@]}"; do + if [[ ${r} == git:* || ${r} == http:* ]]; then + ewarn "git-r3: ${r%%:*} protocol in unsafe and may be subject to MITM attacks" + ewarn "(even if used only as fallback). Please use https instead." + ewarn "[URI: ${r}]" + fi + done + local -x GIT_DIR _git-r3_set_gitdir "${repos[0]}" @@ -582,7 +591,7 @@ git-r3_fetch() { fi # try to fetch from the remote - local r success saved_umask + local success saved_umask if [[ ${EVCS_UMASK} ]]; then saved_umask=$(umask) umask "${EVCS_UMASK}" || die "Bad options to umask: ${EVCS_UMASK}" -- 2.14.1
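
Review bot: The scheme test in the added loop of the first hunk, `[[ ${r} == git:* || ${r} == http:* ]]`, is a case-sensitive glob match, so a URI written as `HTTP://...` or `GIT://...` produces no warning even though URI schemes are case-insensitive. Normalise the scheme to lowercase before the comparison, so the check covers every spelling of the two protocols it is meant to flag. The first `ewarn` string reads "protocol in unsafe", which should be "protocol is unsafe". The loop only warns and the fetch still proceeds over the fallback URI, which is the case the commit message describes; the eclass documentation should say that the warning does not stop the fallback.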