Re: Tor exit nodes

To: Thorsten Glaser <[email protected]>
Subject: Re: Tor exit nodes
From: Florian Weimer <[email protected]>
Date: Wed, 18 Oct 2017 00:37:01 +0200
Cc: Matt Taggart <[email protected]>, [email protected]
Delivered-to: [email protected]
Delivered-to: [email protected]
In-reply-to: <[email protected]> (Thorsten Glaser's message of "Mon, 16 Oct 2017 22:49:01 +0000 (UTC)")
List-archive: <file://master.debian.org:~debian/archive/debian-private/>
List-help: <mailto:[email protected]?subject=help>
List-id: <debian-private.lists.debian.org>
List-post: <mailto:[email protected]>
List-url: <https://lists.debian.org/debian-private/>
Old-return-path: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <1869053.8afOm8C7Gj@xev> <[email protected]> <[email protected]> <[email protected]>
Resent-date: Tue, 17 Oct 2017 22:37:18 +0000 (UTC)
Resent-from: [email protected]
Resent-message-id: <Ghn9g8ImQGI.A.q1G.eYo5ZB@bendel>
Resent-sender: [email protected]

* Thorsten Glaser:

> I was, however, aware that such embedded devices do not normally
> have good sources of randomness, and that they run specially
> tailored code (which means less exposure, less testing, less eyes
> on them), but I think both of that were common knowledge, and that
> most people wouldn’t generate a key on such a device (although I’ve
> read reports of people doing that by booting from a live CD, imme‐
> diately generating a keypair, uploading the secret key to a device,
> then trying to eliminate traces from RAM etc. and I was shocked and
> told them about the “needs entropy” issue; I got one to redo their
> key completely).

On the other hand, one of the most attractive aspects of these devices
for the majority of users is that the private key cannot leave the
device, and the easiest way to ensure that it is not available outside
the device is to generate the key on it.

Keus not leaving the device are important because it is the only way
to reliably prevent user errors such as posting private keys alongside
with public keys or disclosing keys to customers which also protect
data for unrelated customers (apparently, this is a common problem for
DNS hosters), or preventing key theft as the result of a malware
infection.

Follow-Ups:
- Re: Tor exit nodes
  - From: Thorsten Glaser <[email protected]>

References:
- Dmitry Bogatov arrested in Moscow
  - From: Dmitry Shachnev <[email protected]>
- Re: Tor exit nodes
  - From: Holger Levsen <[email protected]>
- Re: Tor exit nodes
  - From: Lars Wirzenius <[email protected]>
- Re: Tor exit nodes
  - From: Russell Coker <[email protected]>
- Re: Tor exit nodes
  - From: Thorsten Glaser <[email protected]>
- Re: Tor exit nodes
  - From: Matt Taggart <[email protected]>
- Re: Tor exit nodes
  - From: Thorsten Glaser <[email protected]>

Prev by Date: Re: Tor exit nodes
Next by Date: Re: Tor exit nodes
Previous by thread: Re: Tor exit nodes
Next by thread: Re: Tor exit nodes
Index(es):
- Date
- Thread