> An attacker gains access to your machine while it's powered on and you > are away (maybe gone to lunch?) Sorry, but what? How responsible are you? Don't blame software for things it can't do... If an attacker has physically access: _Checkmate_. You can easily dump the TrueCrypt master key from ram if the volume is currently mounted... Nothing you could do against it really... 2014-06-13 16:48 GMT+02:00 Bill Cox <waywardgeek@xxxxxxxxx>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Here's an attack that signing every commit can help defend against. > > An attacker gains access to your machine while it's powered on and you > are away (maybe gone to lunch?) He sees that you have not pushed > several commits to your fork yet, so he creates an alternate history > of commits where one several back introduces a 1-character change that > introduces a back-door. Later you sign just the last commit, which > has the correct comments and correct diffs against the prior commit, > which you carefully check. Then you push the whole thing, with the > back door. > > If you had signed the previous commit, and you checked for that when > you diffed the new code vs the previous, this attack would fail. So, > we should at least go to the trouble of signing commits. > > Another good practice would be pushing after every commit. We could > automate daily backups of all of the developer's github forks, and by > pushing every commit, we could more easily detect when someone with > your signing key mucks with the history. > > Of course, the attacker could just insert a keylogger, get the pass > phrase to your private key, and succeed in his attack next time. > Heck, all he really needs is your encrypted private key, because he > can then launch a massively parallel password guessing attack on your > rsa_id key, which is protected by only one md5 hash and zero key > stretching! With government scale password cracking, he could > determine your pass phrase is "you will never guess this password" in > about a second (guestimating 47-ish bits of entropy, and 100 trillion > guesses/second). > > So, signing commits helps. It's also a good idea to use an insanely > difficult pass phrase, much stronger than "you will never guess this > password". Maybe something like "You 5usf will fuwJ7& never dk43& > guess *&^% this !)'[ password". Unfortunately, it's not enough, > because the guys we're up against have many ways of finding our secret > keys. Real defense would involve air-gapping, and possibly even > sound-proofing and Faraday caging your development machine, and a > physical lock even a locksmith would have trouble opening, and an > alarm system even an expert would have trouble bypassing. Even if you > did all that, I would personally try to infect your machine with a > simple program that would draw power in a pseudo-random way to > transmit data using a spred-spectrum signal over your house power > line. Even if you have a monster UPS and power factor correction, I > can just increase/decrease your power draw by 1 watt pseudo randomly > at a low data rate, and pass right through all that. I bet I could > insert that into the TrueCrypt GUI code and not get caught, so > everyone on the team would be running it. I could collect that data > from your street power connection. Even if somehow you could defend > against that attack, how much money will it take to simply buy a plant > on this team? Even more fun would be if one of those sexy Russian > spies like the one we caught a few years ago decided to try and tame > me :-) One can only dream... > > Bill > > On 6/13/2014 9:11 AM, Rocki Hack wrote: > > That's fine for core devs committing (merge) to trunk and as long > > these commits NEVER change. But do not force external contributors > > (and if you commit to your forks) to sign with gpg, it's > > recommended to use "-s". > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.22 (MingW32) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBAgAGBQJTmw9AAAoJEL9an3rWhBk+0gIP/3J7dKV7HJE6mKJKOfTwcp9k > DToLMBXbY0eKU+81F11uA2e/rUd+I/wqOYVP9GiT1I+AYe8+3a3+2RX3nXQ42m4C > eJkYFISZA00VgxwDA9bS+OjpXA3v8Q20sQT9l+m8GAZzw4muqdsPH4wM9iUD1tj+ > MNrlahoRFZDiUKHAv03VU1KpKFt0xbqQI4OcOBWri7had4OzsrIRyMIYu1cJ81wp > uUHHjagqdVSNDkytCjuHvVn86qXJoGXQgF+mrUjCKXlqMoQXvB1pbu5IDbbHoEdL > oC7jm/IkcrcR8xMXhTEi6AJi+1Sd1RKOFb/lfKgR7qqvnNp6VWBDi53z6t3JG0YT > GPEKJrxrLdk5Sq6BAIDxy0Z23OAZUVuqxIfCa4S5U9aGG75Or0WeQj7ROWttxtHO > LlkkiNNTp0p2fSDX19e+XKBpXx1JZv99wuWmTGy/1kHm0eYkjOkUYLFnsIvbAojO > nOLLGPa3QY5SvFBtdJrq1wl9ToPfjZIRzZHPWAKBjA+cx5J4KiiqCHvG2CwY/Fhv > MU1xTJI4pqykw/B29cGotIywJo7An9cpW0ZwyaZvVr9O82v8zFGeE9H2DMa6Ukue > VpqSpOxI3k+IZ8AE5Wdeebs47mt2yrDM16zDUDgGFF5+dUeYNqw1QXRNKZ5TrpQb > 33qiZ4Xm8GzfU6V2o0BZ > =au6J > -----END PGP SIGNATURE----- > >