On Mon, Oct 24, 2016 at 2:33 AM, Adrian Bunk <b...@stusta.de> wrote: > You are implicitely assuming that mirrors can be trusted, > and even that is not true.
No, not actually. Just presuming that NSA doesn't operate ALL mirrors. Of course they can operate single servers or a number of servers, but that increases costs and makes it harder to passively collude against ALL users. > Who is operating ftp.cn.debian.org, and who has access to the logfiles > on that server? > > Debian would accept debian.nsa.gov as mirror, and the NSA might already > operate or have access at some current mirrors. Right, but that's a much smaller subset of ALL. > When a nation-state actor analyzes all the traffic on a network > connection that also happens to carry the traffic between you and > the Debian mirror you are using, HTTPS won't make a difference. If it doesn't make a difference, send me a PCAP of all your private traffic captured from an intermediary node :) I mean, if you don't seem to care, you won't mind me looking through your stuff. And I also encourage you to configure your browsers and email clients to utilize only plaintext HTTP / SMTP / IMAP / POP, perhaps on public wifi too, so we can all read it. You know, I mean, if it "doesn't make a difference to you" if you use HTTP or HTTPS or other unencrypted protocols. The reason it matters so much with SecureAPT is because these are critical protocols running with root privileges on your system and are leaking a large amount of data about your system configuration and the security of it. I don't think I need to belabor that point. HTTPS does make a huge difference and the entire Internet would not be using it if "didn't make a difference". We can probably end the thread here because numerous respected @debian contributors have confirmed the issues with confidentiality and seem to making efforts in that direction (hopefully for the next release). -- Regards, Kristian Erik Hermansen https://www.linkedin.com/in/kristianhermansen
