[Haskell-cafe] Ticking time bomb

Ketil Malde ketil at malde.org
Thu Jan 31 12:34:07 CET 2013

Vincent Hanquez <tab at snarc.org> writes:

> On 01/31/2013 08:16 AM, Ketil Malde wrote:

>> At least that way, I would be notified if it happened to my packages,
>> and I would be able to check up on the situation, and rectify it.

> you wouldn't in real cases, 

I wouldn't what?  Be notified?  Rectify it?

> it just fixes the most obvious and simple attack vector.

> but consider:

Ah, those _real_ cases. Fine, let's see what you got.

> * someone intercepting your upload http stream, and replacing 
> dynamically your package.

> * someone gaining malicious access to Hackage and planting stuff inside 
> packages.

> * a rogue Hackage admin.

> * a rogue Hackage mirror admin.

How often do these things happen, I wonder?  I guess a bit more rarely
than malware taking control of people's computers, which would simply
allow people access to upload passwords _and_ signing keys.  So much for
that perfect security scheme, huh?

Anyway: I don't want to sound negative here, so as a constructive
proposal, please replace one of my packages on Hackage, making use of
one of those techniques.  No hurry, I'll wait.

We have this discussion every now and then, and in spite of grand
schemes of crypto and signing and whatnot, we _still_ have security
holes you could drive a truck through.  Why not at least do _something_
to fix that, before we return to the more _interesting_ pursuit of the
Perfect Security Scheme?

