On 14/01/2015 12:24, Stefan Sperling wrote:
> Bootstrapping trust is always going to be hard no matter what we do
> and how hard we try. [...] Now the answer has become "buy a CD
> and cross-check it with signify" and it's still not enough. [...]

<paranoia>

"Buying a CD" in my case includes a 5.000 mile trip through multiple "five-eyes" nations, whose overzealous three letter agencies officially intercept physical shipments to install backdoors and hardware implants.

"Cross-checking" of OpenBSD commercial CD sets at present can only be partial, as no official full checksums seem to be provided. Even cross-checking *all* files referenced by the ISO filesystem would still allow a malicious boot sector to directly reference unallocated space.

Let's call a spade a spade: the worst-case scenario is an APT intercepting the shipment of a commercial CD set, substituting one or more CDs and repackaging it. Extremely unlikely for the average person, not-so-much for IT security consultants with important clients.

</paranoia>

Regards
--
Enos D'Andrea
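
The coverage gap described in the message above, as an added example that is not part of the original e-mail: per-file digests cover only the byte ranges the filesystem references, so this sketch lists the unreferenced ranges of an image and compares per-file checks with a whole-image digest. The extent table, the file names and the 8-sector image are constructed for illustration; a real check would read the extents from the ISO 9660 directory records.

```python
import hashlib

SECTOR = 2048  # ISO 9660 logical sector size

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def file_digests(image: bytes, extents: dict) -> dict:
    """Digest each file; extents maps name -> (start_sector, byte_length)."""
    return {name: sha256(image[s * SECTOR: s * SECTOR + n])
            for name, (s, n) in extents.items()}

def uncovered_ranges(image_len: int, extents: dict) -> list:
    """Return the [start, end) byte ranges that no file extent references."""
    spans = sorted((s * SECTOR, s * SECTOR + n) for s, n in extents.values())
    gaps, pos = [], 0
    for start, end in spans:
        if start > pos:
            gaps.append((pos, start))
        pos = max(pos, end)
    if pos < image_len:
        gaps.append((pos, image_len))
    return gaps

def build_sample_image():
    """Constructed 8-sector image holding two files; the rest is zero-filled."""
    image = bytearray(8 * SECTOR)
    extents = {"bsd.rd": (2, 3000), "SHA256": (5, 100)}  # constructed names
    image[2 * SECTOR: 2 * SECTOR + 3000] = b"K" * 3000
    image[5 * SECTOR: 5 * SECTOR + 100] = b"S" * 100
    return image, extents

def compare(original: bytes, received: bytes, extents: dict) -> dict:
    """Report what each verification strategy notices."""
    gaps = uncovered_ranges(len(received), extents)
    return {
        "per_file_match": file_digests(original, extents) == file_digests(received, extents),
        "whole_image_match": sha256(original) == sha256(received),
        "changed_gaps": [g for g in gaps if original[g[0]:g[1]] != received[g[0]:g[1]]],
    }

if __name__ == "__main__":
    good, extents = build_sample_image()
    received = bytearray(good)
    received[7 * SECTOR] ^= 0xFF  # one byte differs outside every file extent
    print(uncovered_ranges(len(good), extents))
    print(compare(bytes(good), bytes(received), extents))
```

Only the whole-image digest and the gap comparison register the difference, which is why a published checksum over the full image matters more than per-file lists.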