Keybase’s iOS client has received a backdoor.

It seems that Stellar, the extremely well-funded and well-marketed cryptocurrency, has struck a deal with Keybase to “airdrop” (give away) their tokens to Keybase users in an effort to drive adoption. Keybase updated their iOS client to sign an attestation, as a user, that a given Stellar address belongs to them, even if it does not. This is done without any user interaction or consent, violating the fundamental principle of Keybase’s product until now: the user controls their keys.

Of course, the user controls their keys using Keybase’s software, which, under normal circumstances, means the user controls their keys. But in this instance, Keybase’s software decided to sign, for a user, without their knowledge or consent, an attestation saying that username*keybase.io is a legitimate Stellar payment address for the user, even if the user has never heard of it.

Note: DO NOT send payments to this address! I don’t have the keys for this address, don’t control this address, and don’t want any XLM shitcoins even if I did, despite what Keybase’s client has claimed with my private keys. There is no option to remove this payment address from my Keybase profile, turning my Keybase profile page into an ad for a shitcoin, using my name, face, and identity as an implicit endorsement for Stellar.

Keybase, I understand that you have no good revenue model. I don’t have an alternative for you, but if selling out your users and violating their trust and consent (and, by extension, fraudulently claiming that published cryptocurrency addresses represent payment addresses for your users) is the best you can think of, then perhaps you should give up and stop existing as a concern. I have filed this as a bug, although I doubt it will be addressed sufficiently, as this is intentional behavior on the part of Keybase, who have hopefully been well-paid by Stellar for entirely undermining their tool’s trust.

There seems to be some semantic bickering around whether or not an encryption tool silently making signatures in violation of a user’s wishes (and in service of the financial aims of the maker of that tool) qualifies as a “backdoor”. Keybase themselves have used the term ‘backdoor’ to refer to an encryption program signing additional, unwanted keys against a user’s wishes. This is a common, accepted usage in cryptography circles: when a tool that is used for signing or encryption/decryption creates a signature or decrypts a message for anyone other than the user, especially without the knowledge or consent of that user, it has hijacked use of the user’s keys and is no longer serving that user, but a remote attacker.

The guy who got paid a bunch of money to force these ads onto your profile said it’s not a backdoor. He used all caps, so you know he means it. The capital-followers at HN have killed the link to this page, because the perpetrator said there’s nothing to see here. The dozens of other users experiencing similar problems must be mistaken, too, about what they wanted their keys to do.

A relatively unknown and underused feature of Git is the ability to cryptographically sign commits. It is an optional feature that provides a way for the author of a commit to prove ownership. It uses the author’s GPG key to leave a signature in the commit that can be checked later. If you’re a Keybase user, it’s pretty easy to use your Keybase GPG key for signing your Git commits. Then, once your commits are signed, GitHub provides a nice interface for verifying that commits have been signed and by whom.

This tutorial walks you through the process I took to set up Git commit signing with my Keybase GPG key. I went from not having a GPG key installed locally through to seeing my commits marked as Verified on GitHub. It may sound difficult, but it’s actually a very trivial process.

Why should we sign Git commits?

A few days ago, I was at NDC Security and saw a talk by Phil Haack where he spoofed a “malicious” commit to look like it was made by Troy Hunt (who was also speaking).
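The spoofed-commit scenario is exactly what signature verification is meant to catch. As an added example (not code from the original post), the Python script below parses the output of `git log --pretty='format:%H%x09%G?%x09%GK%x09%ae%x09%GS'` and flags commits that are unsigned, unverifiable, or carry a good signature from a key whose user ID does not name the commit author; the accept-list policy and the sample log lines are constructed for illustration.

```python
"""Audit commit signatures from `git log` output (added example, not from the post).
One commit per line, tab-separated, as produced by:
  git log --pretty='format:%H%x09%G?%x09%GK%x09%ae%x09%GS'
fields: full SHA, %G? status code, signing key id, author e-mail, signer user ID."""
import subprocess

FORMAT = "format:%H%x09%G?%x09%GK%x09%ae%x09%GS"
# %G? status codes as documented in git-log(1).
STATUS = {
    "G": "good signature",
    "B": "bad signature",
    "U": "good signature, untrusted key",
    "X": "good signature, expired",
    "Y": "good signature, expired key",
    "R": "good signature, revoked key",
    "E": "cannot be checked (missing key)",
    "N": "no signature",
}
# Local policy (an assumption, adjust as needed): accept good signatures even from keys
# gpg has not been told to trust, since a freshly imported Keybase key is usually untrusted.
ACCEPT = {"G", "U"}


def audit(lines):
    """Return [(short_sha, reason)] for every commit that fails the policy."""
    findings = []
    for raw in lines:
        if not raw.strip():
            continue
        sha, status, _key, author, signer = (raw.rstrip("\n").split("\t") + [""] * 5)[:5]
        if status not in ACCEPT:
            findings.append((sha[:12], STATUS.get(status, "unknown status %r" % status)))
        elif author.lower() not in signer.lower():
            # Valid signature, but the key's user ID does not carry the author address:
            # this is what a commit with a spoofed Author line looks like locally.
            findings.append((sha[:12], "signer %s does not match author %s" % (signer, author)))
    return findings


def audit_repo(path=".", rev_range="HEAD"):
    """Audit a real repository (needs git and gpg on the PATH)."""
    proc = subprocess.run(["git", "-C", path, "log", rev_range, "--pretty=" + FORMAT],
                          check=True, capture_output=True, text=True)
    return audit(proc.stdout.splitlines())


# Constructed sample log lines; no real repository or keys stand behind these values.
SAMPLE = [
    "a1b2c3d4e5f60718293a4b5c6d7e8f9012345678\tG\tDEADBEEFCAFEF00D\talice@example.com\tAlice Example <alice@example.com>",
    "0123456789abcdef0123456789abcdef01234567\tN\t\tbob@example.com\t",
    "fedcba9876543210fedcba9876543210fedcba98\tG\tDEADBEEFCAFEF00D\tsomeone-else@example.com\tAlice Example <alice@example.com>",
    "1111111111111111111111111111111111111111\tE\t0000000000000000\tcarol@example.com\t",
]

if __name__ == "__main__":
    print(audit(SAMPLE))  # or audit_repo("/path/to/repo") against a real checkout
```

The author-versus-signer check is a heuristic approximation of what GitHub does when it decides whether to show the Verified badge; it only catches the mismatch for keys whose user ID actually contains the e-mail address.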