path: root/33/02e85dd0f0b1acb5ce19a169782a5fe60b8c7c
blob: 066399b6e52084e8d351aa0e68b8fc2ee5275506 (plain)
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <wendel@314t.com>) id 1V6yUJ-0003oy-Oi
	for bitcoin-development@lists.sourceforge.net;
	Wed, 07 Aug 2013 07:48:57 +0000
X-ACL-Warn: 
Received: from mail-we0-f174.google.com ([74.125.82.174])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1V6yUH-0003zm-Tn
	for bitcoin-development@lists.sourceforge.net;
	Wed, 07 Aug 2013 07:48:55 +0000
Received: by mail-we0-f174.google.com with SMTP id q54so1245266wes.33
	for <bitcoin-development@lists.sourceforge.net>;
	Wed, 07 Aug 2013 00:48:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=x-gm-message-state:sender:subject:mime-version:content-type:from
	:in-reply-to:date:cc:message-id:references:to;
	bh=lSskHxaI+eRZX1u/KgQDHIgs8JZqFbJAvOOGX/+tYwg=;
	b=VgekmfNf9Quvnvrk1rDrq2rRBEmU/YUmIkCeHjrmRCDxwYFniQhOUpQiEIeGko7d/k
	08XO8PbvZJJxcS1dtIpLwqL09eMSN2FrEJl+gOR/xJ/Or2i2O3Rkyzevc+bXG9ikG3A1
	V+zKaPySgnjuPMI8MdDa+acDibhUQfb9osl3YLDdSScwR6P6LIVhrcy9h2yj8kzlK/ee
	rgLNTvFdrOmA6a9qrwD9Q8lk3EPCK/FyeqclLNQgTZqcobP2+zUVO2QjKCmw10NLZwbR
	bfgaiIIXPS3IVzbj1wpDVdI9X0gYvGG9zTqZEBmd/E1fLwNSKou1CHeBiwDRm5HNmbgb
	P3gQ==
X-Gm-Message-State: ALoCoQmLq6/1qGLantnEgV+p1kLmn3kHbh79qhjLfjjV+xdh9K01kUo+DpJMCBAqMQnq53SQar/t
X-Received: by 10.194.9.229 with SMTP id d5mr1287897wjb.66.1375861727632;
	Wed, 07 Aug 2013 00:48:47 -0700 (PDT)
Received: from [127.0.0.1] ([82.221.102.245])
	by mx.google.com with ESMTPSA id bt8sm7176336wib.8.2013.08.07.00.48.43
	for <multiple recipients>
	(version=TLSv1 cipher=RC4-SHA bits=128/128);
	Wed, 07 Aug 2013 00:48:46 -0700 (PDT)
Sender: w grabhive <wendel@314t.com>
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/signed;
	boundary="Apple-Mail=_AFADAF3D-909B-40DD-B7E5-5F017BEC76EE";
	protocol="application/pgp-signature"; micalg=pgp-sha1
From: Wendell <w@grabhive.com>
In-Reply-To: <09169cb2-cc59-4261-84e9-0769ec72af6b@email.android.com>
Date: Wed, 7 Aug 2013 06:32:08 +0200
Message-Id: <4E4E5921-E8BF-4274-A062-EF1FBC331C95@grabhive.com>
References: <EE3869FD-6D83-469A-BF4F-31B79CA9950F@grabhive.com>
	<51FFCA9A.6010208@gmail.com> <51FFD722.5090403@gmail.com>
	<09169cb2-cc59-4261-84e9-0769ec72af6b@email.android.com>
To: Peter Todd <pete@petertodd.org>
X-Mailer: Apple Mail (2.1283)
X-Spam-Score: 4.4 (++++)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	1.5 RCVD_IN_PSBL           RBL: Received via a relay in PSBL
	[82.221.102.245 listed in psbl.surriel.com]
	0.6 RCVD_IN_SORBS_WEB RBL: SORBS: sender is an abusable web server
	[82.221.102.245 listed in dnsbl.sorbs.net]
	1.1 DATE_IN_PAST_03_06 Date: is 3 to 6 hours before Received: date
	1.2 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
	[Blocked - see <http://www.spamcop.net/bl.shtml?82.221.102.245>]
X-Headers-End: 1V6yUH-0003zm-Tn
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Safe auto-updating
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 07 Aug 2013 07:48:57 -0000


That multisignature/blockchain commitment idea seems really solid, Peter.

Thanks very much indeed everyone, this is all very helpful. Much to research and think about.

Interestingly, a thread is presently raging on liberationtech about Tor Browser Bundle, and the subject of automatic updates has come up. Gregory Maxwell responded thusly (cross-posting for completeness):

> _please_ don't deploy automatic updates in a sensitive environment
> like this without at least quorum signatures (like gitian downloader)
> and timed quarantine with negative signatures (harder to make strong
> absent a jamming proof network).

-wendell

grabhive.com | twitter.com/grabhive | gpg: 6C0C9411

On Aug 5, 2013, at 7:49 PM, Peter Todd wrote:

> Gregory Maxwell had some good ideas along these lines at the San Jose conference. Extending gitian with these kinds of features would be a good approach.
>
> But I think it's worth thinking about attack models. A huge danger with auto-updating is that it is easy to target individuals; if I leave auto-updates on I am essentially trusting the developers capable of signing an update not to specifically try to attack me in the future, a much more risky thing to do than simply trusting them not to release a malicious release.
>
> Sure you can try to implement anonymous downloads and similar mechanisms, but they all tend to be fragile with regard to deanonymization attacks.
>
> A better way is to ensure that the act of making a release available for download must be public, even if you can control what binaries are made available to a particular target. You can do this by putting a commitment in the blockchain itself. Each person on the signing list creates a transaction with a special form from a specific pubkey that commits to the digest of the binaries, and the auto-update code refuses to update unless it sees that special transaction with a sufficient number of confirmations. The developers now can't make a special release for a specific target without letting the world know they did so, even under coercion.
>
> The developers could of course still make a release with code inside targeting a specific individual, but in theory at least the public can check if their builds are reproducible, and start asking questions why not?

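The update gate Peter describes, combined with the quorum-plus-quarantine requirement in the cross-posted Gregory Maxwell quote, as an added example that is not part of this thread and not gitian's or the gitian downloader's code: a Python model in which an updater refuses to install a binary unless a quorum of listed signers has publicly committed to its digest, each commitment is buried under a minimum number of confirmations, and no listed signer has posted a negative signature during a quarantine window. Everything here is constructed: the "chain" is a plain list of records standing in for the special-form transactions, each signer's HMAC key stands in for the public key that would sign a real transaction, and the policy numbers (2-of-3 signers, 6 confirmations, 144-block quarantine) are assumptions, not values from the thread.

```python
"""Toy model of a blockchain-commitment update gate (constructed example)."""
import hashlib
import hmac
from dataclasses import dataclass

# Policy knobs: assumed values, not from the thread.
QUORUM = 2               # k-of-n signers whose commitments must be on-chain
MIN_CONFIRMATIONS = 6    # depth a positive commitment needs before it counts
QUARANTINE_BLOCKS = 144  # window (roughly a day of blocks) in which a revoke may still land

# Constructed signer roster. In a real design these are the signers' public keys;
# here an HMAC secret per signer stands in for the signature check.
SIGNER_KEYS = {
    "alice": b"alice-constructed-secret",
    "bob": b"bob-constructed-secret",
    "carol": b"carol-constructed-secret",
}


@dataclass(frozen=True)
class Commitment:
    """One on-chain record: who, RELEASE or REVOKE, release digest, block height, proof."""
    signer: str
    tag: str
    digest: str
    height: int
    proof: str


def _message(signer: str, tag: str, digest: str, height: int) -> bytes:
    return f"{signer}|{tag}|{digest}|{height}".encode()


def make_commitment(signer: str, key: bytes, digest: str, height: int,
                    tag: str = "RELEASE") -> Commitment:
    """Build a commitment as a signer would (HMAC stands in for a pubkey signature)."""
    proof = hmac.new(key, _message(signer, tag, digest, height), hashlib.sha256).hexdigest()
    return Commitment(signer, tag, digest, height, proof)


def verify_commitment(c: Commitment) -> bool:
    """Accept only records provably authored by a signer on the list."""
    key = SIGNER_KEYS.get(c.signer)
    if key is None:
        return False
    expected = hmac.new(key, _message(c.signer, c.tag, c.digest, c.height),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, c.proof)


def should_install(binary: bytes, chain: list, tip_height: int) -> tuple:
    """Return (allowed, reason) for installing `binary` given the chain seen so far.

    The download itself is never trusted: its digest must be publicly committed
    by a quorum of listed signers, each commitment must sit under
    MIN_CONFIRMATIONS blocks, and the release must have stayed unrevoked for the
    quarantine window measured from the earliest counted commitment.
    """
    digest = hashlib.sha256(binary).hexdigest()
    supporters, revokers, first_seen = set(), set(), None
    for c in chain:
        if c.digest != digest or not verify_commitment(c):
            continue  # unrelated release, or not from a listed signer
        if c.tag == "REVOKE":
            # A negative signature only denies, so it is honoured as soon as it is mined.
            revokers.add(c.signer)
            continue
        confirmations = tip_height - c.height + 1
        if confirmations < MIN_CONFIRMATIONS:
            continue  # shallow enough to be reorged away; do not count yet
        supporters.add(c.signer)
        first_seen = c.height if first_seen is None else min(first_seen, c.height)
    if revokers:
        return False, "revoked by " + ", ".join(sorted(revokers))
    if len(supporters) < QUORUM:
        return False, f"quorum not met ({len(supporters)}/{QUORUM})"
    if tip_height - first_seen + 1 < QUARANTINE_BLOCKS:
        return False, "still in quarantine"
    return True, "ok"


# Constructed scenario: two signers commit to a release, a third later revokes it.
RELEASE = b"constructed release payload v1.0"
RELEASE_DIGEST = hashlib.sha256(RELEASE).hexdigest()
CHAIN = [
    make_commitment("alice", SIGNER_KEYS["alice"], RELEASE_DIGEST, 1000),
    make_commitment("bob", SIGNER_KEYS["bob"], RELEASE_DIGEST, 1002),
]
REVOKED_CHAIN = CHAIN + [
    make_commitment("carol", SIGNER_KEYS["carol"], RELEASE_DIGEST, 1100, tag="REVOKE"),
]
# A record from a key that is not on the signer list never counts, whatever it claims.
FORGED = Commitment("mallory", "RELEASE", RELEASE_DIGEST, 1001, "00" * 32)

if __name__ == "__main__":
    for tip, chain in [(1004, CHAIN), (1050, CHAIN), (1200, CHAIN), (1200, REVOKED_CHAIN)]:
        print(tip, should_install(RELEASE, chain, tip))
```

The property the model enforces is the one Peter argues for: a binary that only one target ever receives cannot pass the gate, because the only evidence the updater accepts is a public, quorum-backed record tied to that binary's digest, and a signer who is coerced still has to leave that record in the open. A real implementation would additionally check the transaction's form and the committing pubkey against the chain (SPV proof or full node), and the quarantine window is what gives other signers time to publish a negative signature before any client acts.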