From: "Rick \"Zero_Chaos\" Farina"
Date: Wed, 11 Mar 2015 11:35:48 -0400
To: gentoo-portage-dev@lists.gentoo.org
Subject: Re: [gentoo-portage-dev] Portage and Update Security
Message-ID: <550060D4.4050702@gentoo.org>

On 03/10/15 17:15, Vladimir Diaz wrote:
> Hi,
>
> I am a developer in the Secure Systems Lab at NYU. Our lab has
> collaborated with popular software update systems in the open-source
> community, including APT, yum, and YaST, to address security problems.
> More recently, we have been working on a flexible security framework
> co-developed with the Tor project that can be easily added to software
> updaters to transparently solve many of the known security flaws we have
> uncovered in software updaters. We would like to work with The Portage
> Development Project to better secure the Portage distribution system.
>
> TUF (The Update Framework) is a library that can be added to an existing
> software update system and is designed to update files in a more secure
> manner. Many software updaters verify software updates with cryptographic
> signatures and hash functions, but they typically fail to protect against
> malicious attacks that target the metadata and update files presented to
> clients. A rollback attack is one such example, where an attacker tricks a
> client into installing older files than those the client has already seen
> (these older files may be vulnerable versions that have since been fixed).
> A full list of attacks and weaknesses the framework is designed to address
> is provided here.
>
> Our website includes more information about TUF, including: papers and a
> specification. If you want to see how an existing project integrates TUF,
> there is a standards track proposal to the Python community that you can
> review. A more rigorous proposal that requires more administrative work on
> the repository, but provides more security protections, is also available.
>
> We were thinking of submitting a pull request that shows how such an
> integration would work. So there hopefully won't be much leg work on your
> end apart from deciding how the system should be configured (key storage,
> roles, etc.).
>
> Would a pull request be of interest? Is there anything you'd like us to
> say more about?

I can't speak for the portage team, but I'm certainly interested to see
what you have to show. Security should matter to everyone.

-Zero.

>
> Thanks,
> Vlad
>
> P.S.
> There are Informational and Standards Track GLEPs that reference our work
> and the security issues that our project addresses, but there hasn't been
> much recent activity on these proposals.
>
>
> --
> vladimir.v.diaz@gmail.com
> PGP fingerprint = ACCF 9DCA 73B9 862F 93C5 6608 63F8 90AA 1D25 3935
> --
>
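The rollback attack described in the quoted message (a correctly signed but older metadata file served to a client that has already seen a newer one) is easiest to understand by watching a client enforce the checks that defeat it. The following is an added example, not code from TUF, Portage, or the message authors. It models the client-side rules a TUF-style updater applies: verify the signature over the metadata, reject expired metadata, refuse any version number lower than the one already trusted, and only then check a downloaded file's length and hash against the trusted metadata. The HMAC "signature", the key, the version numbers, and the package bytes are all constructed stand-ins; a real deployment signs with asymmetric keys held offline, which this simplification does not model.

```python
"""Client-side update checks in the style of TUF (constructed example)."""
import hashlib
import hmac
import json
from typing import Optional

# Stand-in for the repository signing key (constructed for this example only;
# HMAC is used so the example runs with the standard library alone).
REPO_KEY = b"constructed-demo-repository-key"


def _canonical(meta: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash identical bytes."""
    return json.dumps(meta, sort_keys=True, separators=(",", ":")).encode()


def sign_metadata(meta: dict, key: bytes = REPO_KEY) -> dict:
    """Repository side: wrap a metadata document with a signature over it."""
    sig = hmac.new(key, _canonical(meta), hashlib.sha256).hexdigest()
    return {"signed": meta, "sig": sig}


class BadSignature(Exception):
    pass


class Expired(Exception):
    pass


class RollbackDetected(Exception):
    pass


class UpdateClient:
    """Client side: trust metadata only after signature, expiry and version checks."""

    def __init__(self, key: bytes = REPO_KEY):
        self.key = key
        self.trusted: Optional[dict] = None  # newest metadata accepted so far

    def accept_metadata(self, envelope: dict, now: int) -> dict:
        meta = envelope["signed"]
        expected = hmac.new(self.key, _canonical(meta), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, envelope["sig"]):
            raise BadSignature("signature does not verify")
        if meta["expires"] <= now:
            raise Expired(f"metadata expired at {meta['expires']}")
        # Rollback check: a valid signature is not enough; the version must
        # never go backwards from the newest one this client has already seen.
        if self.trusted is not None and meta["version"] < self.trusted["version"]:
            raise RollbackDetected(
                f"offered version {meta['version']} < trusted {self.trusted['version']}")
        self.trusted = meta
        return meta

    def verify_target(self, name: str, data: bytes) -> bool:
        """Check a downloaded file against the length and hash in trusted metadata."""
        if self.trusted is None or name not in self.trusted["targets"]:
            return False
        want = self.trusted["targets"][name]
        digest = hashlib.sha256(data).hexdigest()
        return len(data) == want["length"] and hmac.compare_digest(digest, want["sha256"])


def _targets_entry(data: bytes) -> dict:
    return {"length": len(data), "sha256": hashlib.sha256(data).hexdigest()}


def demo() -> dict:
    """Walk one client through a normal update, a replayed old file, expiry and tampering."""
    old_pkg = b"package-1.0 (constructed, has a known bug)"
    new_pkg = b"package-1.1 (constructed, bug fixed)"
    v1 = sign_metadata({"version": 1, "expires": 2000, "targets": {"pkg": _targets_entry(old_pkg)}})
    v2 = sign_metadata({"version": 2, "expires": 3000, "targets": {"pkg": _targets_entry(new_pkg)}})

    results = {}
    client = UpdateClient()
    client.accept_metadata(v1, now=1000)
    results["v1_verifies_old_pkg"] = client.verify_target("pkg", old_pkg)
    client.accept_metadata(v2, now=1500)
    results["v2_rejects_old_pkg"] = not client.verify_target("pkg", old_pkg)
    results["v2_verifies_new_pkg"] = client.verify_target("pkg", new_pkg)

    # Replay of v1: still unexpired and genuinely signed, so signature and hash
    # checks alone would pass it; only the version check catches the rollback.
    try:
        client.accept_metadata(v1, now=1600)
        results["rollback_rejected"] = False
    except RollbackDetected:
        results["rollback_rejected"] = True

    fresh = UpdateClient()
    try:  # v1 is genuine but past its expiry for a client that starts later
        fresh.accept_metadata(v1, now=2500)
        results["expired_rejected"] = False
    except Expired:
        results["expired_rejected"] = True

    tampered = {"signed": dict(v2["signed"], version=3), "sig": v2["sig"]}
    try:  # editing the signed body without re-signing breaks the signature
        fresh.accept_metadata(tampered, now=1500)
        results["tamper_rejected"] = False
    except BadSignature:
        results["tamper_rejected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The order of the checks matters: the signature is verified first so that nothing in an unauthenticated document influences later decisions, and the version comparison is against the newest metadata the client has ever accepted, which is exactly the state a replayed file cannot fake.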