Re: ftp down

Thu, 22 Aug 2024 17:14:10 -0700 

Björn Persson wrote:

Jacob Bachmeyer via Gnupg-users wrote:
Unlike HTTP, FTP is /not/ subject to simple Man-on-the-Side attacks (which motivated the rush to HTTPS) because there is no in-protocol redirect. 

So FTP isn't vulnerable to that particular attack,



... which is important because that particular attack (and a 
whistleblower reporting that it had been deployed on a large scale) was 
most of the motivation for the rush to HTTPS.



 and attackers have
to resort to TCP hijacking or DNS poisoning or BGP hijacking or
whatever.



All of which are far more detectable than the simple Man-on-the-Side 
attack.  BGP hijacking and DNS poisoning in particular are likely to 
affect large numbers of users.  That itself can be a deterrent.  
Remember that the threat model here is substituting a backdoored GPG.  
Such an attacker loses if the attack is merely /discovered/.  Each user 
affected increases the risk of discovery.



 Without cryptography there is no security.



Yes, and the transport by which GPG is delivered is already untrusted, 
thus the signatures on the tarballs and the digests in the release 
announcements.



 Anyone who wants
to argue in favor of FTP from a security point of view should at least
argue for FTP over TLS.

  



I specifically addressed that TLS is of little or no benefit to the 
distribution of GPG.  It does not even provide privacy as to what was 
downloaded, because passive traffic analysis reveals a connection to the 
GPG distribution server and that N bytes were received, which is likely 
enough information to determine /which/ tarball a client downloaded.



[...]

I would encourage resuming FTP distribution, since I see no plausible 
security benefit to omitting it.
    


For the download usecase, I see no plausible benefit to providing FTP
service in addition to HTTPS. A web server plus an FTP server will
always be a larger attack surface than only the web server. I recommend
leaving the FTP server off.



FTP is a longstanding and simple protocol; accordingly, FTP servers were 
all hardened long ago.  The incremental risk is slight, compared to the 
complexity of a modern httpd.  Especially if the FTP server can be 
further sandboxed using SELinux or similar, since it should need no 
write access whatsoever:  logs can be sent through syslog if needed or 
simply not kept at all.


I stand by my previous recommendation.


-- Jacob


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

























					Reply via email to