lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20111004044914.GP6684@thunk.org>
Date:	Tue, 4 Oct 2011 00:49:14 -0400
From:	Ted Ts'o <tytso@....edu>
To:	Josh Triplett <josh@...htriplett.org>
Cc:	linux-kernel@...r.kernel.org, "H. Peter Anvin" <hpa@...or.com>,
	Jiri Kosina <jkosina@...e.cz>
Subject: Re: kernel.org status: establishing a PGP web of trust

On Mon, Oct 03, 2011 at 03:56:52PM -0700, Josh Triplett wrote:
> 
> Same question here.  I have a key, which has already accumulated some
> signatures, and I feel confident that key remains secure, along with the
> one and only system that key lives on.  I have a revocation certificate
> prepared for that key in a secure location, though I'd certainly welcome
> an escrow service from kernel.org as long as that service only stored
> encrypted documents to which only the key owner had the passphrase.  I
> don't see any need to generate an entirely new key in a hurry.
> Certainly transitioning to larger and algorithmically better keys over
> time seems like a good idea, but given the nature of the kernel.org
> compromise, immediate concerns about the strength of GPG keys seems much
> less warranted than concerns about the security of the systems they live
> on.

This is what I did.  I generated a new key a year ago, which has never
left my laptop.  I accumulated keys at linux.conf.au, and after I get
more signatures at the KS in Prague, my intention is to gradually
transition from the key generated in 1997, which has been used to sign
all of my Debian packages and e2fsprogs releases, to my new key.

But that's only because I'm reasonably confident I can trust my new
key, and I did a very careful examination of my laptop looking for
signs that my machines might have been penetrated --- before I
reinstalled it and my desktop at the same time, and initiated a full
password change cycle.  (Yes, that's paranoia.  With security, the
question is always, "are you paranoid *enough*"?)

Note that if your laptop allows incoming ssh connections, and you
logged into master.kernel.org with ssh forwarding enabled, your laptop
may not be safe.  So be very, very careful before you assume that your
laptop is safe.  At least one kernel developer, after he got past the
belief, "surely I could have never had my machine be compromised",
looked carefully and found rootkits on his machines.

       		     	   	       - Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ