[liberationtech] secure download tool - doesn't exist?!?

[adrelanos]

Eleanor Saitta:
> On 2013.07.01 17.28, adrelanos wrote:
>> Eleanor Saitta:
>>> On 2013.07.01 15.15, Julian Oliver wrote:
>>>> ..on Mon, Jul 01, 2013 at 06:03:01PM +0000, adrelanos wrote:
>>>>> In response to "the tool doesn't exist"...
>>>
>>>> apt-get install tor && torify wget http://path.to/file
>>>
>>> And how did you verify the trust path for your initial debian
>>> install?
> 
>> Thats a different issue to be discussed and solved separately.
> 
> No, it really isn't.  Either you have a trustable chain or you don't.
> 
> Now, admitting that you have no trustable chain is fine; it means
> you're looking at outcomes and scope of compromise required to affect
> a single user, etc., because that's all that you've got left.  In
> fact, it's useful to start thinking this way, because then, while
> chain of custody in the download process is still important, you start
> thinking about detection of interference rather than assuming that
> your house-of-cards updater will always work.  Which it won't, no
> matter how good it is, if for no other reason than that it will have
> bugs which someone will eventually exploit.

I am happy, that you have the bigger picture in mind. I just want to
say: How do you propose to fix all issues at once?

For example, when Google started offering HSTS Preloading, nullifying
their efforts by saying "what if the client is already infected by a
trojan", doesn't help fixing any eventual issues with HSTS Preloading.
(Not sure there are any, just as example.)

If the topic of "how do we get a trust chain for our operating system"
(or even "firmware") is something of interest to you, thats great.
Please discuss it and perhaps even start working on improving it. I'd be
delighted to see discussion and development in that area as well.