[tor-mirrors] mirror content integrity
fcornu at wardsback.org
Tue Jan 13 07:26:04 UTC 2015
On 13/01/2015 08:05, Christian Krbusek wrote:
> thanks for considering running a mirror!
> In fact you can't prevent that but you are
> also mirroring the signature files. So anybody downloading from any mirror -
> even the original host - should verify the
>> How do we prevent a mirror admin from tampering with the served files?
So let's pretend I want to push some malicious TBB binaries...
1) Nicely behave as a mirror for several months to get good reputation
2) Build malicious Bundles and sign them with a bogus key carrying
Erinn Clark's public info and replace the original files
3) publish this key to some keyserver
4) Modify /docs/verifying-signatures.html.en &
/docs/signing-keys.html.en to have visitors retrieve and somewhat trust
5) Wait for people to download binaries and omit to verify signatures,
let alone keys...
I could have a chance of pushing some dirty bits out there, what do you
Shouldn't these 2 files be excluded from the mirroring process?
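
Added example, not part of the original message: signature verification only addresses the scenario above when the check is bound to a fingerprint obtained independently of the mirror, because a look-alike key can carry the same user ID. The shell function below reads `gpg --status-fd` output and accepts a signature only when the `VALIDSIG` primary-key fingerprint equals a pinned one; the fingerprints, user ID, status lines and function names are constructed placeholders.

```shell
#!/bin/sh
# Added example. Fingerprints, user ID and status lines are constructed
# placeholders, not real Tor signing-key data.
PINNED_FPR="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"   # obtained out of band
BOGUS_FPR="BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB"    # look-alike key

# Strip spaces and upper-case, so "aaaa bbbb ..." style input compares equal.
norm_fpr() {
    printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F'
}

# Reads `gpg --status-fd 1 --verify SIG FILE` output on stdin.
# Exit 0 only if every VALIDSIG names the pinned primary key (and one exists).
# GOODSIG is ignored on purpose: its user ID is whatever the key owner typed.
check_pinned_signer() {
    want=$(norm_fpr "$1")
    [ "${#want}" -eq 40 ] || return 2      # refuse short key IDs
    awk -v want="$want" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" {
            # $3 = signing (sub)key fingerprint, $12 = primary key fingerprint
            fpr = (NF >= 12) ? $12 : $3
            if (toupper(fpr) == want) ok = 1; else bad = 1
        }
        END { exit ((ok && !bad) ? 0 : 1) }
    '
}

# Constructed status output: $1 = fingerprint of the key that signed.
sample_status() {
    printf '[GNUPG:] NEWSIG\n'
    printf '[GNUPG:] GOODSIG %s Example Signer <signer@example.org>\n' \
        "$(printf '%s' "$1" | cut -c25-40)"
    printf '[GNUPG:] VALIDSIG %s 2015-01-13 1421133964 0 4 0 1 8 00 %s\n' "$1" "$1"
}

for fpr in "$PINNED_FPR" "$BOGUS_FPR"; do
    if sample_status "$fpr" | check_pinned_signer "$PINNED_FPR"; then
        echo "$fpr: accepted"
    else
        echo "$fpr: rejected (valid signature, wrong key)"
    fi
done
```

Both sample signatures are cryptographically valid and show the same user ID; only the fingerprint comparison tells them apart.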