Ubuntu QA:
BlogBrainstorm
Log in
Ubuntu QA
The Ubuntu community has contributed 12232 ideas, 57574 comments, 1174524 votes

Idea #11010: SSL secured repository



up
44
down
Written by Eldmannen the 10 Jul 08 at 23:50. Category: Security.
Related to: Nothing/Others. Status: New
Description
I would like to be able to connect to the software repository using a secure connection that uses SSL.

This will prevent man-in-the-middle attacks (MITM).

It will also prevent example a totalitarian government to snoop on what I download or update. Example, maybe I download cryptography, anonymity or privacy software.

It will also insure that the repository is the real repository, and not a fake one that hosts a Trojan horse or a keystroke logger.
Tags: SSL repository

Attachments
No attachments.


Duplicates


Comments
Eldmannen wrote on the 10 Jul 08 at 23:52
In light of;
* http://www.cs.arizona.edu/people/justin/packagemanagersecurity/attacks-on-packa ge-managers.html

Also read;
* http://it.slashdot.org/it/08/07/10/227220.shtml

"Furthermore, the researchers created a fictitious administrator and company name and were able to lease a server and get it listed as an official mirror for all the distributions they tried (Ubuntu, Debian, Fedora, CentOS, and OpenSUSE)"

Moderator droetker (Moderator) wrote on the 11 Jul 08 at 05:16
Er - you cannot SSL-enhanced download cryptographic software under a totalitarian government - because to encrypted-download cryptographic software you need first cryptographic software.

but anyway, the option should be there.
;-)

Eldmannen wrote on the 11 Jul 08 at 14:18
droetker,
Hehe. Well everyone have a browser with SSL support.
Totalitarian governments probably would let you use SSL (which comes with OS) for banking sites, but might not like to see that you download TrueCrypt or Tor.

hspaans wrote on the 13 Jul 08 at 14:57
-1 SSL doesn't add any benefits, package signing does. DEB/RPM is capable to have package signatures.

Auzy wrote on the 13 Jul 08 at 15:24
SSL has benefits too hspaans.

The main one is that it prevents a man-in-the-middle attack, where a hacker injects data into the stream that exploits the system (buffer overflow in the stream, just like hacking a browser). Another might be sending data to the client which has a bad signature, but tracker scans the file, and has a flaw in the module that reads the packages.

Either way, it should be secure point-to-point, even if my suggestion is an unlikely scenario.


allstar wrote on the 28 Jul 08 at 12:02
Really dont understand the idea, every package is GPG signed, so why would be SSL needed???


Post your comment