Quoting Bill Broadley ([email protected]): > Ha, looking at your link and found: > Because the download integrity for all of these packages is abysmal ....
Yes, I was intending to point out that bit to you in particular, but couldn't find it on the November 16th blog post -- but I see it's on the April 2nd original blog post of which the November one is a refresh. I notice the refresh article is using keytool instead of sha256sum to verify the Signal app key's fingerprint, FWIW, not that that does anything for the basic, larger problem. > Would be nice to have copperhead OS, then something automated like: > * launch container/sandbox without rw to /system > * use google play to download APKs and verify signatures. > * save downloaded APK to /tmp > * shutdown container > * have copperhead install and verify the APKs (after checking they won't > overwrite copperhead APKs) > > That way no google play services, and no way for google to change any > copperhead > files. Yes, concur. For _me_, I don't compelling need for anything from Google Play, but I realise I'm a mutant. > For most installing signal via: > Download the apk. > Unzip the apk with unzip org.thoughtcrime.securesms.apk > Verify that the signing key is the official key with keytool -printcert -file > META-INF/CERT.RSA > You should see a line with SHA256: > 29:F3:4E:5F:27:F2:11:B4:24:BC:5B:F9:D6:71:62:C0 > EA:FB:A2:DA:35:AF:35:C1:64:16:FC:44:62:76:BA:26 > Make sure that fingerprint matches (the space was added for formatting). > Verify that the contents of that APK are properly signed by that cert with: > jarsigner -verify org.thoughtcrime.securesms.apk. You should see jar verified > printed out. > > Is *WAY* too complicated. As they point out, this results from the Signal people and the F-Droid people fighting over acceptance criteria. You'll note that the author says in the notes 'Wow, the Signal vs F-Droid issue is a stupid hot mess. Can't we all just get along and share the software? Don't make me sing the RMS song, people... I'll do it...' ;-> Still 'n' all, yeah, Copperhead OS and drills like the one on the Tor blog post(s) are as good as we have, at the moment. What boggled me was what a near-total showstopper the baseband CPU/firmware problem continues to be. The article's April iteration (https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy) goes through some elaborate steps to deal with this and related problems. (At present, they recommend decoupling the phone or tablet from baseband problems by using a separate MiFi device.) Personally, the only Android-type device I have is a Nook Tablet running Cyangenmod, which at least sidesteps the baseband problem. Copperhead OS would have been much better but, as the Tor blog notes, so far, Copperhead doesn't support any wifi-only devices, only certain smartphones. I have my doubts about progress. The OEMs still are failing to support meaningful service lives for their hardware, and everyone's trying to use tricks to control customers. _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
