Changes between Version 271 and Version 272 of doc/TorBOX/Dev

Mar 4, 2012, 9:47:46 PM (7 years ago)

Max-ValidTime, circuit sharing correlation


  • doc/TorBOX/Dev

    v271 v272  
    4949 * (anonymous) These are all well and long know issues a software update system should protect against today. From 2008: As a response there was the project apt-secure which replaced the old insecure apt-get. Everything is (or should be) signed now. Debian does protect against maliciousness exits preventing individual updates. Much to my surprise, Ubuntu doesn't seem to use that feature! I think we should set a Max-ValidTime in apt.conf. This will throw a false positive if there hasn't been any update to a repository in N time. About hash collision vs AES: TSL depends Hashes (still see md5 around), Tor depends on sha1, gpg depends on sha1. If a pre-image attack is possible against sha1 we are all f****ed anyway.
    5050 * (proper) That [ bug] is really sad. It's not even confirmed because less then 5 people clicked the "I am also affected button.". Not sure if Max-ValidTime in apt.conf is a good idea. Have you tested it? What do we do once we have the first false negatives?
     51 * (anonymous) Maybe we'll see this getting fixed soon: I couldn't get  Max-ValidTime to only apply to security updates. apt.conf syntax is the most awful thing I've ever seen for a config file. We can only apply this setting to security, and update repos, the release repos don't get updated after release (i.e. it complains "invalid since 139d"). However I can't figure out how to do that, I can only set Max-ValidTime for all "Ubuntu" repos, or none. The problem is the way they handle the "Label" in releases ([ Ubuntu] vs [ Debian]). The only option that works so far is disabling stable repos in source. This should mean we still get security fixes but one can't install new software via apt-get. (But one can still install new software if it has been updated since release, and doing so I got some scary warnings about missing verification). Messy stuff, I don't see how we can offer a reliable workaround, we'll have to wait for upstream - or change upstream.
     53= Question about ApplicationWarningsAndNotes > Identity correlation through circuit sharing =
     54 * recent edit at: [[BR]]
     55   I don't understand what you mean with "redirect (...) to another workstation". Also how should a local dns server provide protection against correlation. You'd still run a single instance that multiple clients share.
    5257== SELinux AppArmor grsecurity [OPEN] ==