based on personal threat model

discussion about how an attacker can insert a backdoor (get admin access to software repo, code review etc.)

help desk: can some attacker get the mails of the help desk (confidential user data)

loose track of a key or password

  • loose laptop and could be compromised/stolen
    • have backups ==> how do you keep backups save
    • disk encryption
  • choose HSM, PGP key, Yubikey
  • come up with best practices
  • plenty of PW managers
  • KeepassX
  • Yubikey
    • need different keys
    • need backups which have to be ket secure
    • long set of new problems to thing about
    • Is there some howto? Internet is full of HOWTOs, but experts say, it's quite complicated

Is PGP important for Tor?

  • usual secret with a short half-life
  • secrets shared among many people

requesting certificates on behalf of Tor, other sysadmin stuff

different things have different security properties (git repository vs. PII data of employees)

Qubes OS

  • Qubes with smart cards is quite hard

Tor signing key and repo is quite important

  • GeKo described the signing process, attacker needs to attack at different points


  • have to encrypt with some passphrase
  • passphrase is seldom used and easily forgotten
  • where do you safely keep this stuff
  • SPOF

Smart card

  • use an airgapped computer or tails in nno network mode
  • create a key
  • make a backup
  • store the key on a smart card

Buy your computer from some retail store and not via the net where it is easy to compromise

protection against legal stuff

  • technical measure: rep build
  • one malicious update could lead to loss in users and trust
  • engineer out of those problems
  • legal support in case of border crossing (have phone number of a lawyer available)
  • Has Tor a lawyer?
  • it helps to have a simple procedure when in stress

use Tor's public image in case someone gets harrassed at borders etc. to get support

do people exaggerate threats? What happens to people who publicly send patches?

have some technical support as part of the onboarding process which give help in setting up encryption

Last modified 3 years ago Last modified on Mar 18, 2016, 11:53:39 PM