[Nix-dev] Malicious installation methods
zimbatm
zimbatm at zimbatm.com
Fri Jun 17 16:38:58 CEST 2016
On Fri, 17 Jun 2016 at 15:19 Yui Hirasawa <yui at cock.li> wrote:
> >>> Like already said before, detecting if a user run a curl-pipe-bash and
> >>> injecting a malicious binary on the fly is rather trivial to do
> compared
> >>> to compromise the nixos website itself, and create a phising to fake
> >>> both the tarball and the displayed hash.
> >>
> >> Hash would only ensure that there is no corruption en route, but we
> >> already have that since most TLS ciphersuites are authenticated... gotta
> >> check nixos.org ciphersuites.
> >
> > I wonder if something like this would be better perceived:
> > ...
>
> No. Just verifying a hash isn't good enough. Instead the script should
> come with a detached PGP signature.
>
The second argument could alternatively be a GPG fingerprint then. It
wouldn't protect the user from a downgrade attack though.
Did you reply to me out of the list on purpose?
>
Not on purpose. I believe it went both to you and the list though.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20160617/1b273f66/attachment-0001.html>
More information about the nix-dev
mailing list