Re: [tor-relays] Operator straw poll: Reasons why you use Tor LTS versions?
> On 7. Sep 2019, at 12:20, teor <teor@xxxxxxxxxx> wrote:
>
> Hi,
>
> On 6 Sep 2019, at 20:14, Roman Mamedov <rm@xxxxxxxxxxx> wrote:
>
>>> Where does the security weakpoint risk come from? Does
>>> apt-transport-tor/onion service repository availability help in your
>>> mind here?
>>
>> As with adding any third-party repository, it means trusting the repository
>> provider to install and run any root-privilege code on the machine. In case
>> the repository server (or actually the release process, including signing) is
>> compromised, on the next update it can serve malicious or backdoored versions
>> of the software. So naturally from the security standpoint it is beneficial to
>> add (and trust) as few repositories as possible, just to reduce the "attack
>> surface".
>
> So one thing Tor could do here is run easily and securely without root?
>
> T

Not really I think. I kind of subscribe to the same argument (I think it is the
same argument at least) for almost all software I install:

- I want fast and low-risk updates in the case of a security update, so
  please give me a patch that fixes only the security issue
- I want a low-hassle installation, so frequently updating (more frequently
  than every other year or so) is really annoying. Especially if there could
  be changes in the configuration that I have to adapt, and even more so if
  I cannot have confidence that all configuration changes I might need to
  make are given during the update.
- I never want a software to update without my knowledge, so absolutely no
  phoning home for updates/automatically updating. Even without root. Being
  able to execute a binary on a system is not very far from being root on
  that system these days.

I think I apply this to every software with the exception of Tor, and for Tor
I only do it because of my project involvement and the big trust I put into
the maintainers of our repository. For other stuff, I just stop running it
if it doesn't work out of the box provided by my distribution.

Cheers
Sebastian
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays