See also:

Neil McGovern used GNOME funds to employee Lamby's ex-girlfriend Molly de Blanc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tor exit nodes

On Mon, Oct 09, 2017 at 09:34:28PM +0500, Andrey Rahmatullin wrote:
> On Mon, Oct 09, 2017 at 06:13:02PM +0200, Adam Borowski wrote:
> > > * The Yubikey 4 seems to be the best hardware option. It's not free
> > >   hardware, however. I'm OK with that for my own use, and I'd be OK
> > >   for that for Debian's use. But before Debian spends money on that,
> > >   we should have consensus that it's OK. I'm also OK for Debian to
> > >   choose an option with free-er hardware, but have no personal
> > >   experience with those.
> > 
> > Let's discuss the threat model.  If I would be a three letter agency, I'd
> > order Yubico (there's so many ways to force a company to do something) to
> > introduce a backdoor: when a secret handshake (cryptographically signed :p)
> > is entered, the keycard spills its storage.  This can be programmed into the
> > kit low-paid goons on the border have, and instruct them to apply to all
> > storage devices they search on a person.  Such an instruction is already a
> > part of their orders, thus no knowledge or skills on the side of the goons
> > are required.  Your secret key will then stay on file, without you being
> > aware of this.
> Is it really specific to the non-free hardware?

A free piece of hardware+software will have no such backdoor.  Good policies
would also recommend reflashing the firmware with a version compiled from
sources or shipped by Debian (thus reproducibly built) before use; any sane
firmware purges existing data before allowing a reflash.

As keycards are made to prevent or at least frustrate physical ways to
retrieve the contents, doing so in infeasible during a routine border
search.  Decapping the chips is not guaranteed to work (in fact, Yubico
claims it's impossible), and requires considerable effort and physically
destroys the keycard.

Quite a difference from briefly inserting the keycard into a computer and
running a program that requires no user interaction.  The former can be done
only to high-value targets who already have been arrested/etc, the latter
can be applied in a dragnet way against random members of a group known to
have strong sympathy towards the likes of Snowden.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ We domesticated dogs 36000 years ago; together we chased
⣾⠁⢰⠒⠀⣿⡁ animals, hung out and licked or scratched our private parts.
⢿⡄⠘⠷⠚⠋⠀ Cats domesticated us 9500 years ago, and immediately we got
⠈⠳⣄⠀⠀⠀⠀ agriculture, towns then cities.     -- whitroth on /.