[tor-talk] Satori (this crazy app thing I've been working on)

Patrick Schleizer adrelanos at riseup.net
Fri May 9 09:58:18 UTC 2014


Gregory Maxwell:
> On Sun, May 4, 2014 at 5:14 PM, Griffin Boyce <griffin at cryptolab.net> wrote:
>> Hey all,
>>
>>   So Satori is this app for Google Chrome that distributes circumvention
>> software in a difficult-to-block way and makes it easy for users to check if
>> it's been tampered with in-transit.
> 
> You might be interested in some of the ideas that have been floating
> around in Bitcoin land about better tools for distributing software
> updates, I've collected the ones I think are most important here:
> https://en.bitcoin.it/wiki/User:Gmaxwell/update_checking_requirements
> 
> Note that it's not about automatic updates, it's about automatic
> update staging— the user stays in control there... but the goal is to
> advance the art so that users aren't just pulling updates from some
> website in a way that any MITM could compromise too easily... but
> without introducing centralized gate-keeping either.
> 
> I think some of these ideas might be pretty important when
> distributing software specifically to 'interesting targets'— e.g. it
> would give pretty good dividends to rubber hose the guy who can issue
> the updates to a bunch of activist, so both for the users and the
> operators safety something more robust ought to be done.

Interesting discussion.

For more inspiration, see also The Update Framework:
http://theupdateframework.com/

Especially their threat model given inspiration what other threats one
could defend against:
https://github.com/theupdateframework/tuf/blob/develop/SECURITY.md

Open Questions:
How to download and verify the host program in the first place?
How to download the secure downloader itself in censored countries?
How to download files in censored countries?
Torify downloads?

I think it would be best if such a tool was built into operating systems
or browsers by default. Otherwise there will be always a big hole in the
security concept.

It might also be interesting to see why Tor Project's Thandy project was
never completed.

> https://en.bitcoin.it/wiki/User:Gmaxwell/update_checking_requirements

Why make this a Bitcoin specific software? The lack of a secure
downloader is something way too many projects are affected by.



More information about the tor-talk mailing list