[tor-bugs] #9931 [Website]: Securing the integrity of downloads from the Tor/Tails website
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Oct 8 20:24:08 UTC 2013
#9931: Securing the integrity of downloads from the Tor/Tails website
-------------------------------------------------+-------------------------
Reporter: tolodof | Owner:
Type: defect | Status: new
Priority: major | Milestone:
Component: Website | Version: Tor: unspecified
Keywords: SSL, MITM, Verifying, Download, Website | Actual Points:
Parent ID: | Points:
-------------------------------------------------+-------------------------
Currently when downloading Tor or Tails from the website, we are advised
to download a signature file to verify the integrity of the download. As
the website acknowledges though, despite using SSL this provides no
protection against a MITM attack, meaning that both the program and
signature downloads could be compromised.
This same problem applies to downloading the programs necessary to verify
the signature is correct, such as gpg4win, whose website doesn't even use
SSL.
However, as explained here https://www.grc.com/fingerprints.htm, I believe
there is a solution to this problem, namely using an Extended Validation
certificate for the Tor/Tails website. Because these certificates are
embedded in Firefox and Chrome and thus are not vulnerable to being
tampered with, as certs in an external store are, these browsers can
indicate when an SSL connection is using one of these certs and assure the
user that when visiting the site, they are not subject to a MITM attack.
Therefore, the user can be certain that when downloading the program and
signature from the Tor/Tails website, it is in fact being downloaded from
there and nowhere else. I think to complete the circle, it would be
necessary to host whatever program is needed to verify the signature on
the Tor website as well and not have this downloaded from an external
website, which even if it uses SSL could expose the user to a MITM attack
and result in them downloading a compromised version of the verification
program. The MD5 Reborned addon for Firefox
https://addons.mozilla.org/en-US/firefox/addon/md5-reborned-hasher/ does at least download from a site
using an EV cert, so users can be sure they're not subject to a MITM
attack when downloading that but you are still relying on this website not
being hacked and the download being replaced with a compromised one. I
guess the dev-team are best placed to decide whether any such breach would
be publicised immediately by Mozilla, allowing users to protect
themselves, or if it would be better to host all downloads on the Tor
website.
There would of course still be the chance that the Tor web server could be
hacked and the program/signature downloads replaced with compromised ones
but I'm sure this would be caught fairly soon, whereas a MITM attack could
result in users relying on compromised versions of the software for a long
time without any idea.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9931>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
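The core of the ticket is that a checksum or signature fetched over the same connection as the download verifies nothing if an attacker sits in the middle, because they can replace both consistently. The following is an added illustration, not code from the ticket or from the Tor Project: it models the two verification strategies with constructed sample bytes and a `mitm` flag standing in for an attacker who controls the channel, and shows that only a digest obtained out of band (written down from an independent source ahead of time) catches the substitution.

```python
import hashlib
import hmac

# Constructed sample artifacts; these are not real Tor or Tails release bytes.
GENUINE_BUNDLE = b"constructed: genuine tor browser bundle"
TROJANED_BUNDLE = b"constructed: trojaned tor browser bundle"


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 digest of a downloaded artifact."""
    return hashlib.sha256(data).hexdigest()


# The digest the user obtained through an independent channel (e.g. noted
# earlier from a trusted machine). Assumed to be correct for this model.
PINNED_DIGEST = sha256_hex(GENUINE_BUNDLE)


def fetch_over_same_channel(mitm: bool):
    """Model of downloading the bundle and its checksum file together.

    With mitm=True the attacker swaps the bundle and regenerates the
    checksum file so that the two still agree with each other.
    """
    bundle = TROJANED_BUNDLE if mitm else GENUINE_BUNDLE
    checksum_file = sha256_hex(bundle)  # attacker can forge this freely
    return bundle, checksum_file


def digest_matches(bundle: bytes, expected_hex: str) -> bool:
    """Compare the artifact's digest to an expected value.

    Normalises case/whitespace as users paste checksums inconsistently and
    uses a constant-time comparison out of habit.
    """
    expected = expected_hex.strip().lower()
    return hmac.compare_digest(sha256_hex(bundle), expected)


def verify_in_band(mitm: bool) -> bool:
    """Checksum taken from the same channel as the download: passes even
    when the download was tampered with."""
    bundle, checksum_file = fetch_over_same_channel(mitm)
    return digest_matches(bundle, checksum_file)


def verify_out_of_band(mitm: bool) -> bool:
    """Checksum pinned from an independent channel: detects the swap."""
    bundle, _ignored_checksum = fetch_over_same_channel(mitm)
    return digest_matches(bundle, PINNED_DIGEST)


if __name__ == "__main__":
    print("in-band check, MITM active  :", verify_in_band(True))       # True (useless)
    print("out-of-band check, MITM     :", verify_out_of_band(True))   # False (caught)
    print("out-of-band check, no MITM  :", verify_out_of_band(False))  # True
```

The same structure applies to a detached GPG signature: a signing key fetched over the compromised channel is equivalent to the in-band checksum above, while a key fingerprint the user already holds plays the role of `PINNED_DIGEST`.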