[ciphershed] Re: Requiring GPG Signatures on Git Commits

  • From: Rocki Hack <rocki.hack@xxxxxxxxx>
  • To: ciphershed@xxxxxxxxxxxxx
  • Date: Fri, 13 Jun 2014 17:09:57 +0200

> An attacker gains access to your machine while it's powered on and you
> are away (maybe gone to lunch?)

Sorry, but what? How responsible are you?
Don't blame software for things it can't do...

If an attacker has physically access: _Checkmate_.
You can easily dump the TrueCrypt master key from ram if the volume is
currently mounted...
Nothing you could do against it really...


2014-06-13 16:48 GMT+02:00 Bill Cox <waywardgeek@xxxxxxxxx>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Here's an attack that signing every commit can help defend against.
>
> An attacker gains access to your machine while it's powered on and you
> are away (maybe gone to lunch?)  He sees that you have not pushed
> several commits to your fork yet, so he creates an alternate history
> of commits where one several back introduces a 1-character change that
> introduces a back-door.  Later you sign just the last commit, which
> has the correct comments and correct diffs against the prior commit,
> which you carefully check.  Then you push the whole thing, with the
> back door.
>
> If you had signed the previous commit, and you checked for that when
> you diffed the new code vs the previous, this attack would fail.  So,
> we should at least go to the trouble of signing commits.
>
> Another good practice would be pushing after every commit.  We could
> automate daily backups of all of the developer's github forks, and by
> pushing every commit, we could more easily detect when someone with
> your signing key mucks with the history.
>
> Of course, the attacker could just insert a keylogger, get the pass
> phrase to your private key, and succeed in his attack next time.
> Heck, all he really needs is your encrypted private key, because he
> can then launch a massively parallel password guessing attack on your
> rsa_id key, which is protected by only one md5 hash and zero key
> stretching!  With government scale password cracking, he could
> determine your pass phrase is "you will never guess this password" in
> about a second (guestimating 47-ish bits of entropy, and 100 trillion
> guesses/second).
>
> So, signing commits helps.  It's also a good idea to use an insanely
> difficult pass phrase, much stronger than "you will never guess this
> password".  Maybe something like "You 5usf will fuwJ7& never dk43&
> guess *&^% this !)'[ password".  Unfortunately, it's not enough,
> because the guys we're up against have many ways of finding our secret
> keys.  Real defense would involve air-gapping, and possibly even
> sound-proofing and Faraday caging your development machine, and a
> physical lock even a locksmith would have trouble opening, and an
> alarm system even an expert would have trouble bypassing.  Even if you
> did all that, I would personally try to infect your machine with a
> simple program that would draw power in a pseudo-random way to
> transmit data using a spred-spectrum signal over your house power
> line.  Even if you have a monster UPS and power factor correction, I
> can just increase/decrease your power draw by 1 watt pseudo randomly
> at a low data rate, and pass right through all that.  I bet I could
> insert that into the TrueCrypt GUI code and not get caught, so
> everyone on the team would be running it.  I could collect that data
> from your street power connection.  Even if somehow you could defend
> against that attack, how much money will it take to simply buy a plant
> on this team?  Even more fun would be if one of those sexy Russian
> spies like the one we caught a few years ago decided to try and tame
> me :-)  One can only dream...
>
> Bill
>
> On 6/13/2014 9:11 AM, Rocki Hack wrote:
> > That's fine for core devs committing (merge) to trunk and as long
> > these commits NEVER change. But do not force external contributors
> > (and if you commit to your forks) to sign with gpg, it's
> > recommended to use "-s".
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJTmw9AAAoJEL9an3rWhBk+0gIP/3J7dKV7HJE6mKJKOfTwcp9k
> DToLMBXbY0eKU+81F11uA2e/rUd+I/wqOYVP9GiT1I+AYe8+3a3+2RX3nXQ42m4C
> eJkYFISZA00VgxwDA9bS+OjpXA3v8Q20sQT9l+m8GAZzw4muqdsPH4wM9iUD1tj+
> MNrlahoRFZDiUKHAv03VU1KpKFt0xbqQI4OcOBWri7had4OzsrIRyMIYu1cJ81wp
> uUHHjagqdVSNDkytCjuHvVn86qXJoGXQgF+mrUjCKXlqMoQXvB1pbu5IDbbHoEdL
> oC7jm/IkcrcR8xMXhTEi6AJi+1Sd1RKOFb/lfKgR7qqvnNp6VWBDi53z6t3JG0YT
> GPEKJrxrLdk5Sq6BAIDxy0Z23OAZUVuqxIfCa4S5U9aGG75Or0WeQj7ROWttxtHO
> LlkkiNNTp0p2fSDX19e+XKBpXx1JZv99wuWmTGy/1kHm0eYkjOkUYLFnsIvbAojO
> nOLLGPa3QY5SvFBtdJrq1wl9ToPfjZIRzZHPWAKBjA+cx5J4KiiqCHvG2CwY/Fhv
> MU1xTJI4pqykw/B29cGotIywJo7An9cpW0ZwyaZvVr9O82v8zFGeE9H2DMa6Ukue
> VpqSpOxI3k+IZ8AE5Wdeebs47mt2yrDM16zDUDgGFF5+dUeYNqw1QXRNKZ5TrpQb
> 33qiZ4Xm8GzfU6V2o0BZ
> =au6J
> -----END PGP SIGNATURE-----
>
>

Other related posts: