On 3/17/2010 9:05 PM, Steven Monai wrote:
On 2010/03/17 6:54 PM, Christopher Faylor wrote:
Oh. Are we still talking about this? I drifted off.
Somebody please wake me when all of this tempest in a bikeshed is over.
I don't understand the reason for the dismissive attitude.
Your proposed solutions don't really work. They're crutches which may
help in some cases, but they don't absolutely and finally fix the
problem. Therefore you're proposing that someone else do work on a
"maybe". Why are you surprised when he says "no"?
Re the idea that SSL will defeat brain-dead and broken proxies: only the
most brain-dead among them. Corporate filtering proxies are often set
up to unwrap SSL at the proxy then re-sign the outbound request; they
see the plaintext request. Such things aren't common at the low end
because it requires adding the proxy as a trusted CA to every SSL using
program on the system, but it's common enough.
Re MITM mitigation: If that's what you're trying to guard against, how
does putting hashes on a non-HTTPS web page help? A MITM could modify
the hashes in transit just as well as he could modify setup.exe.
Re the MITM risk to begin with: is this actually happening, or are we
just speculating here? I pay some attention to security issues, and
haven't seen any reports of random in-flight exes over HTTP being
replaced by a MITM with malware. Could it be done? Of course. But
*is* it, and with what frequency?
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple