
GNU: A Heuristic for Bad Cryptography - some_furry
https://soatok.blog/2020/07/08/gnu-a-heuristic-for-bad-cryptography#resubmit
======
hyustan
This is trying to show the GNU project in a bad light.

The GNS which most of the article focuses on has nothing to do with the GNU
project. Because pgp is from the 90's, gpg is an easy target mostly. The only
other halfway good data point in the line they're trying to draw is gnutls,
which has surely got its holes, but also wasn't afflicted with openssl's
heartbleed.

~~~
MaxBarraclough
> The GNS which most of the article focuses on has nothing to do with the GNU
> project.

Doesn't it stand for _GNU Name System_?

~~~
ivanbakel
Tech is particularly famous for having similar names for very different
things.

The authors of the GNS IETF draft appear to be associated with GNUnet[0],
which _is_ an official GNU project. However, in defense of the OP, there may
be a level of indirection here - there's no clear link between the GNU
leadership and GNS: just GNU - GNUnet - GNS. It could be a purely GNUnet
initiative.

[0] [https://en.wikipedia.org/wiki/GNUnet](https://en.wikipedia.org/wiki/GNUnet)

------
ajross
This seems like mostly the technical nitpicking that goes on with any crypto
protocol. There aren't any holes here, and as a competent non-expert I'm
having trouble deciding on whether any of these criticisms even rise to the
level of a theoretical vulnerability. It's all best practices and hygiene
stuff. Which is fine, but hardly justification for "Bad Cryptography".

I mean, these are the mistakes that everyone seems to make (including the blog
author, who seems to have retracted one of the bigger claims). Stuff happens
in engineering.

And the "GNU" angle is just bile, or a cynical attempt to get clicks by
leveraging hacker political sentiment. Yawn.

~~~
soatok
> It's all best practices and hygiene stuff. Which is fine, but hardly
> justification for "Bad Cryptography".

Cryptographers have spent years trying to clean up the GNU cryptography
ecosystem [1] [2].

[1]
[https://twitter.com/FiloSottile/status/1281055144659030016](https://twitter.com/FiloSottile/status/1281055144659030016)

[2] [https://lists.gnupg.org/pipermail/gcrypt-devel/2015-November...](https://lists.gnupg.org/pipermail/gcrypt-devel/2015-November/003618.html)

~~~
ajross
Isn't that true of almost every crypto protocol, though? As I mention, this
kind of stuff is absolutely routine. Free software protocols, open source
protocols, standardized protocols, proprietary protocols.

I get that crypto is hard (again, the mess-up in the central criticism in the
linked article is a great existence proof). I don't get why you feel like
taking potshots at GNU in particular is justified except to flog your personal
political agenda.

~~~
soatok
I don't have a personal political agenda here.

I'd love for GNU cryptography to be better, but the first step in fixing
problems is to acknowledge they exist in the first place.

GNUnet, GnuPG, etc. need to actually learn from modern cryptography projects
like age and Signal, instead of doubling down in the name of ideology.

~~~
detaro
I have no clue on what "ideology" they (who are they? The GNUnet developers?
The gnupg developers? All developers associated with GNU projects?) are
"doubling down" on in your opinion, despite reading the article.

------
xyzal
One of the linked articles references Magic Wormhole, which appears to be just
the file transfer tool I have been missing all the recent years.

[https://github.com/warner/magic-wormhole](https://github.com/warner/magic-wormhole)

summary and example -> [https://techcrunch.com/2017/06/27/magic-wormhole-is-a-clever...](https://techcrunch.com/2017/06/27/magic-wormhole-is-a-clever-way-to-send-files-easily-and-securely/)

~~~
soatok
It's so good.

I've been meaning to write a GUI frontend (probably in Electron, but still) so
that desktop users can experience its magic, but I keep putting it off.

Maybe this weekend? :)

------
fluidcruft
> If you see the letters GNU in a systems design, and that system intersects
> with cryptography, I can almost guarantee that it will be badly designed to
> an alarming degree.

Battle of heuristics: furries vs GNU

------
dependenttypes
With this logic Signal is a "heuristic for bad cryptography" because it uses
CBC. Although I admit that GNU does not have a great track record.

~~~
some_furry
Signal uses AES-CBC + HMAC-SHA2 in encrypt-then-MAC.

If Signal used unauthenticated CBC mode, it would be bad cryptography.

Reference: [https://soatok.blog/2020/07/12/comparison-of-symmetric-encry...](https://soatok.blog/2020/07/12/comparison-of-symmetric-encryption-methods/#aes-gcm-vs-aes-cbc)

