Should package updates be downloaded over a secure transport (e.g. HTTPS) or not? The most likely transport-level failure is that the download will fail, e.g. middlebox blocked it, bad TLS config. Thus, I recommend trying both and not relying on transport later security at all.
-
Show this thread
-
Also, in the past every threat model we had for package updates included threats and modes of operation that transport-layer security cannot protect against, e.g. version downgrade. Of course, if you rely on package signing, your solution for it has to be correct and safe.
1 reply 1 retweet 3 likesShow this thread -
Replying to @BRIAN_____
"In order to not require defense-in-depth, use perfect code."pic.twitter.com/v7bcXXahBD
1 reply 0 retweets 1 like -
Replying to @ericlaw
Is this still true?: "Chrome Browser sends requests to multiple URLs when it’s checking for and downloading updates. The order of requests is determined dynamically at runtime. Both HTTP and HTTPS protocols might be tried." - https://support.google.com/chrome/a/answer/6350036?hl=en&visit_id=636725543582572857-3767229547&rd=1 …
1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
Last I heard, yes, Omaha still falls back to HTTP. Chromium has a high degree of confidence in their integrity assurance mechanisms, including protection from fallback attacks, etc. Most other updaters I've seen have flaws.
1 reply 0 retweets 0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.