[ciphershed] Checked commit a03e565835e3ff66774a2a50946dc2290bcbc7d4
- From: Bill Cox <waywardgeek@xxxxxxxxx>
- To: ciphershed@xxxxxxxxxxxxx
- Date: Mon, 23 Jun 2014 06:56:08 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Personally, I wish to contribute long-term to CipherShed as one of the
people who check the code for back doors. I don't have any particular
reason to believe I am any good at it, but I certainly feel better
after checking the code myself.
So, I checked the latest commit,
a03e565835e3ff66774a2a50946dc2290bcbc7d4. It looks good to me, though
checking it manually did take a while. Note that I use the *entire*
SHA1 tag, not the 6-digit prefix normally used. This is because
faking a git commit that has matching 6 hex digits requires only
milliseconds of CPU time (only 16 million-ish guesses typically need
to be made). If we want to be confident we're talking about the same
code, we need to use all the digits. Here are thoughts I had while
reading the diffs vs HEAD^.
First, Stephen did solid work. Nice job! He not only checked in the
same TrueCrypt sources we can find on the Internet in various places,
he explained how he verified them. If we can have solid explanations
like this in git commit comments or change logs going forward, it will
make verification much simpler.
We now have Windows .exe files signed into the git repo. We should
use them to verify newer versions of these exe files rather than
assuming they are golden and error-free. If these executables are
hacked, it could be a disaster. If they are out of date and have
unpatched buffer overflow bugs, they could be exploited. However, I
think it is a good idea to have these executables in git. When we do
releases, I think we should use the latest versions of these
executables from our favorite sources (preferably sources that are not
disclosed), and verify that we get the same result as using the signed
in versions.
I verified the Pkcs11 header files match those I could download from
the RSA site, and also match those from the realcrypt project. I
checked the sha256 signatures for the source .tar.gz and .zip files,
and verified the truecrypt-hashes.asc file matches what I could find
using Google. Everything checked out.
Minor update needed to README.md: The
https://ciphershed.org/DevelopmentProcess page is referenced in the
README.md file, but does not currently exist. Similarly,
https://ciphershed.org/Docs does not currently exist.
This commit looks good to me.
Bill
I have never been served with any warrant such as an NSL, I have no
gag order of any kind, and am not under any sort of compulsion related
to the CipherShed project. The latest commit I have examined is
a03e565835e3ff66774a2a50946dc2290bcbc7d4.
Bill
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQIcBAEBAgAGBQJTqAfEAAoJEL9an3rWhBk+AGQP+wWcEoe6ZWoK+mu451cB1VCy
iipfeJGymU9Uojir5bF+rnqHHibI51SdPrGmUHco5D9hcao+dyv1PNt4maJVaBSU
4L/jN3B/s512DC3cNNNu0y6h8Ny513pdO6RV+grLyrEcilajvgklaBm+Rs17oq6s
6F4Ke10Q1fUj+ceEzSNJnSxZ3I9ffqsZKMFN6/mizJ1VogECiJ5p0at6JREVzXZL
U3G/vVMVkdywFAHF65A+9EvxXZRKVCX70io503uu1TfJ0UWQRcJhC8rXy8g2w4d1
vRVX8n888vVOh0+06PKcGejJGvnjcHpVcJzb5FZtDbRa1+nq/D5nYKz54JA0V0Ky
ro9CRdLcZu0thfVQx62WB5gLUovJkx/mRE2rKZ9BfsYddX2c75ve7U3JnOnZM5X8
Mvk21YZ0SAFc1WbtBs7ewJ/kRTVDVOQAz6HOY9oAUYStHYRQoFTVwutLm5so+Gn6
O0Onv+ERvcc3UDBQEKtqNax7RpyddFKN6cp32ZeZwCru6a0r9yvjjOAIaB3J/AP9
yLomLalvPNc5XrwRlBNR7OX6s2/ILOu2/ECdMMkzTM6fl5HawEWu7eIoA0o+twvc
97DNAFBGD+geegeLjTviCz6B/ZV2MZ079bqcLoT50MlHxg9T28VCA/t5jzLXxoFt
RGndu4Qyng7HUlGoXowJ
=z7ik
-----END PGP SIGNATURE-----
Other related posts:
