Hacker News new | past | comments | ask | show | jobs | submit login
LibreSSL: More Than 30 Days Later (openbsd.org)
332 points by lflux on Sept 28, 2014 | hide | past | web | favorite | 104 comments

I've said this before, but kudos to the OpenBSD Project for shouldering a disproportionate share of the burden of maintaining core bits of our libre/open infrastructure. I can't think of anyone in tech who has not benefited mightily from OpenSSH and who will not benefit mightily from LibreSSL.

This article is a good reminder for me to get off my arse and cut my meager grad-student checks to the EFF and OpenBSD project.

> disproportionate share

Disproportionate based on/compared to what? (I agree that the openbsd folks do a ton of good, I am just trying to understand your references here)

What spindritf said. OpenBSD has an extraordinarily high impact-to-X ratio, for many values of X (funding, notoriety, number of contributors, unnecessary problematization, glamor, etc.).

Even though I'm more likely to use OS X or Linux these days than OpenBSD, OpenBSD would fare better in the absence of most Linux distros, than most Linux distros would fare without OpenBSD.

You're probably using plenty of OpenBSD software anyways like pf in OSX

Wow, I'd forgotten that one. I guess that really proves the point about OpenBSD being everywhere.

Well, they take on responsibility as stewards, which means they will be the target of criticisms and backdoor attempts, and will need to meet the demands of downstream demand for fixes, requests and help. They also need to (have already) spend time on understanding the code, development and integration. They need to communicate the problems with OpenSSL and what they've done to other people within the ecosystem.

Market share, funding... Pretty much any metric.

A lot of the work they do on their packages and in base stuff is pushed upstream to properly support security features OpenBSD supports. Everyone benefits from this because then such features can be enabled everywhere with less pain.

if you can get five people to buy CDs, and maybe two of them get another two or three to buy CDs, you'll have done much more good for the project than cutting a check.

How so? I don't have a computer with optical media anymore, and am most likely to install OpenBSD via network. Is there something about CD sales in particular that helps the project more than a straight up check? I'm happy to cut the check directly to the project even though that isn't tax deductible (though I think there's a foundation that is--though they're restricted on how they can spend those funds).

You can make a direct donation. http://www.openbsd.org/donations.html

I agree that the CDs are becoming an anachronism, but they still provide an easy way to contribute to the project. Buy the CD, throw it away if you don't need it.

This sort of culture needs to be weeded out. We are perfectly able to create enough waste as it is, there should be no need to advocate this sort of mentality any further. Either donate directly or don't.

Are you seriously saying that buying something and throwing it away is better than donating the same amount of money?

Slackware: I donated the cost of the DVDs plus postage. Seemed silly to shift atoms across an ocean when the bits can trickle down the phone line from a mirror server about 60 miles away.

Are there any strange tax or accounting advantages for the organisation I'm supporting if I buy actual stuff rather than donating?

I don't know about Canadian tax law, but in the US there is no benefit to earned revenue over contributed revenue, and often having a high number of individual donors can be advantageous for granting reasons.

I've seen some strange things related to exports (primarily because the law seems to be moving at a glacial speed compared to reality). So, e.g. a product exported to another country may be exempt from local VAT (so you can "zero rate" it, hence the checkbox that sometimes appears on order pages). This gets a bit blurry when it comes to digital software sales - is it a product you are shipping to another country? Or is it a service you are rendering in your own country (and thus, not exempt from VAT)?

Not necessarily better but perhaps easier. For example your employer may not have an issue with an expense charge for software CDs but might have a problem with a paypal payment to "deraadt"

Nah, it's better to use donations to support the project. CDs are kinda lost technology these days.

ps. Donations by users are kinda hard to help (in term of numbers) but donations from companies, should be really waaaaaay more towards all BSD project but ESPECIALLY towards OpenBSD for reasons already mentioned.

Among the good and bad stories this year, so far, LibreSSL is the good story of the year.

Also happy to hear a bit about the ressl API. To me it sounds like a focused, high-level API that makes it easy to get right and hard to get wrong. So kind of like NaCl. It's clearly the future -- look at the huge amount of software being written for Sodium now, for example. It's huge.

The very same tedunangst wrote a piece about this API: http://www.tedunangst.com/flak/post/goreSSL

In which you can see the clear focus on usability rather than capability. To examplify how easy it is, he actually implements the API with a go "backend".

I also really like the concept of a simple API where you can't go wrong by default, hope it can make its way into other pieces of software as well.

Relatedly is there an SSL implementation based on NaCL anywhere?

Not exactly the same thing, but there's CurveCP which is essentially a TCP replacement for creating encrypted communication tunnels. It is part of NaCL and uses the same crypto primitives.

It's a really interesting project, but it's not ready for production use just yet, and even when it is I don't think that replacing SSL is necessarily what it's targeting.

> In particular, we answer the question "What would the user like to do?" and not "What does the TLS protocol allow the user to do?"

This makes me think of the laudable approach taken by the developers for the Cryptography library for python. Expose functions to users with sane and safe settings to users, and provide the abilities to override the defaults if you really must (but in such a manner that it's extremely clear that you're stepping into dangerous territory)

Interesting and quick work. The story of the libcrypto SRP glass house makes me feel like a little kid who just heard a ghost story.

Is OpenSSL being notified of security bugs you all find in your pairing down process?

> Is OpenSSL being notified of security bugs you all find in your pairing down process?

Determining whether a bug can actually be exploited (on what system, under what configuration?) is hard work, and it's harder still to prove a negative. Mostly the OpenBSD devs just fix the bug and move on. If it looks like the typical kind of a bug that could lead to crashes, they release a patch against the previous two releases (assuming the code is present there).

A lot of the bugs they fix turn out to be "security bugs" only long after someone else finds that out on a version of the code running on another system not hardened by the OpenBSD devs.

After 5.6, if any serious bug is found, you can expect to find a patch for it on http://www.openbsd.org/errata56.html ; however, as the code between LibreSSL and OpenSSL diverges, it won't be obvious whether they apply to OpenSSL at all.

It's pretty surprising that they are using CVS for a new project

OpenBSD is developed as a complete operating system following a cathedral model. LibreSSL is part of the OpenBSD base system (as libssl), which is hosted on CVS. Naturally, so will LibreSSL.

Every single last thread about OpenBSD or one of their projects has this same exact statement in it ...

What's so surprising? OpenBSD folks don't fall for the next new shiny thing. 10 years from now, something else might take over git, and everyone will jump to it. OpenBSD folks don't care, if what they have works, they stick to it.

They do actually use Git a little. Both the OpenBSD & the Portable LibreSSL source code have mirrors on Github that are updated in sync with the CVS repository.

Whether that's because there's a demand to host the code on Github as well, or because they like Git, or a little of both is something I wouldn't presume to know.

Every so often the shiny new things are actually better.

Do you consider "git" a shiny new thing?

Using CVS over git in this day and age is a very dumb decision. They may make up for it in other, good decisions. But this decision is a dumb one.

They aren't using CVS over Git. They're keeping CVS instead of spending months on a migration path to move to a new system that, while has some benefits over their current solution, does essentially the same thing as their current solution, manage source code. They then take all the time they saved not migrating to Git to patch bugs and continue their release cycle so that the next time a critical SSL or SSH vulnerability comes out with a fancy logo and catchy name people don't deride them on Hacker News for wasting all that time moving to Git instead of working on their security products.

But, if you don't think you can contribute code or money to the BSD folks, but really think that they are stupid, you can certainly convince them that moving to git is a good idea by developing a roadmap and reconfiguring their infrastructure. I'm sure they'd appreciate your effort.

You're assuming that any productivity gains made by switching to git (or something else modern) would be overshadowed by the time and effort it'd take to migrate. I don't have any evidence either way, and I bet you don't either.

(Most) people don't use git (or hg, or whatever) because it's shiny and new, but because it gives them a better workflow and higher productivity.

You can still use git with cvs backend.

Probably migration to svn would be smarted since it doesn't change current workflow, granted they actually have a need to migrate.

And you are assuming there are productivity gains. Their workflow is handled just fine by cvs. Moving to git would provide very little benefit.

As I said, I'm not assuming anything, and don't know either way. I suspect you don't either, so it's silly to reject the idea of migrating out of hand.

Why do you suspect that? I was an openbsd developer. I am quite familiar with their workflow, and cvs suits it perfectly well. There is virtually no gain for them to move to git, and a ton of pain.

> But this decision is a dumb one.

What is it with this obsession with telling people how to get sh't done? If they write their code on used kleenex using wax crayons and share that using carrier pigeons, I don't give a sh't as long as the finished product is fine.

It's a perfect example of bike-shedding.

Most readers have no way of evaluating their crypto primitives, or their nuclear power plant, or a zillion other things.

But we can evaluate their source control!

That bike shed would be way more robust if you used FP to paint it.

That's fine, but if (and I have no idea if this is the case here) their reason for not wanting to switch to a new source control system is mere stubbornness, they might find that switching to a more efficient source control system frees them up to write even more good code, fix more bugs, etc.

It is not mere stubbornness.

The main reason is that CVS works well enough for our purposes. Most of the diff sharing and discussion happens over email anyway. That's where all the action is.

The main use case is that CVS distributes OK'd patches and allows us to revert them if they are later found to cause problems.

Everyone works on the head branch so there are never any surprises caused by delayed integration. Instead of using branches, the workflow switches between development mode and release mode when the time is right. Release branches receive only a handful of patches (usually less than 10) for the most critical issues discovered during their 1 year maintenance period. Again, CVS is entirely adequate for that.

It's not like there was no usage of git at all. Some devs actually use git in private and even mail git-generated diffs around. If those diffs fail to apply to the CVS tree the burden is on them to fix that. Since x.org runs git, all the X11 and other graphics code is ported to OpenBSD in git branches by our X maintainers and committed to the main CVS tree once it's ready to go live. This can be cumbersome but there's always a price to pay when integrating code from third parties that use different tooling.


You don't provide any compelling evidence to the contrary.

OpenBSD was one of the first open source projects to make their CVS repositories public, you can read more about it in Chuck Cranor and Theo de Raadt's paper on Anonymous CVS.



It makes sense, if you consider the fact they have been using for the last ~18 years.

I think it fits their development process very well.

I assume they don't use branches, or merges, or any of the other VCS features which git/mercurial have and which are difficult to do or even impossible in CVS.

Incorrect, partly.

The release cycle is illustrated here: http://www.openbsd.org/papers/asiabsdcon2009-release_enginee...

They do branch and tag the tree for releases, but development is done in HEAD not in branches as would be customary for git.

I'm not an OpenBSD developer but my understanding is that the branches are used for subsequent patching of that release, not as part of "normal" new development work.

You really think big projects didn't branch or merge before git was developed?

I'm sure they did. But wasn't it painful before git/mercurial? That's what I heard from people who used CVS in the past.

It is/was painful if you try to merge multiple diverging branches. The CVS solution to that is generally "don't do that", or for everyone on long lasting branches to rebase as frequently as possible.

But this is not all that much of a problem in small cohesive teams where everyone with commit rights knows what the others are likely to be working on.

CVS was difficult but there were non distributed vcs that had easy branching.

In practice, a lot of the stuff that was difficult about branching and merging was just handled outside the VCS, and projects had rules about what you'd do inside the VCS. It worked, and still does for OpenBSD.

At Arbor, the last CVS job I worked (back in ~2003), we did release and dev branches no problem. I don't remember fretting about it much.

The big issue I remember is, it was a much bigger deal not to break the build.

If you know anything about the OpenBSD project it really isn't surprising at all.

Not everyone does "know anything about the OpenBSD project". So instead of the smug comment, why not just explain why this isn't surprising?

It works well for the way they do development and releases, and all their build and test infrastructure is built to use it. And part of it is it's "the devil you know."

I have heard that a lot of their devs will use git or hg on their local checkout to help manage their own dev environment.

You can find out more about the openbsd philosophy by reading some of the presentations on it at http://www.openbsd.org/papers/

To me the comment didn't sound smug at all -- instead it was sort of an insider joke referring to OpenBSD's philosophy to use only heavily battle tested, rock solid software not unlike CVS.

They've always held on to CVS, taking it so far that they've taken upon themselves to support their own fork of CVS going forward.

Fun fact: they are not alone in this, I am aware of at least two startups that do the same thing to CVS (one already acquired by Cisco, the other one is ongoing).

And having used CVS myself, I strongly disagree with any connotation of "productivity loss because of old SCM" etc. — it all depends on workflow. Kind of like Vim certainly isn't inherently less productive than a shiny new Visual Studio 2022.

There is some agonizing done over the rewrite culminating in the need for a redesign of the API. I've wondered why there wasn't a light-weight library that simply implemented the smallest number of protocols to delivered the necessary components for a secure HTTPS connection. You'd have some other library for other protocols, but this one should have the feature of being as light-weight (and small) as possible. Wouldn't that be the cyphersuite of choice for most hosting facilities?

Off-topic, but the markup of that page is really interesting. I've never seen someone do this before:

<h1>LibreSSL: More Than 30 Days Later</h1> Ted Unangst<p> tedu@openbsd.org<p>

LibreSSL was officially announced to the world just about exactly five months ago. Bob spoke at BSDCan about the first 30 days. For those who weren't there, I'll quickly rehash some of that material. Also, it's always best to start at the beginning, but then I'll try to focus on some new material and updates.



> At the moment we are too busy deleting and rewriting code to make a decent web page. No we don't want help making web pages, thank you.

> This page scientifically designed to annoy web hipsters. Donate now to stop the Comic Sans and Blink Tags

What's so strange about this markup? It's plain html.

He's probably unaware of tag omission[1].

The site uses it incorrectly, though: The <p> tag belongs at the start of a paragraph - it is not a separator like <br>.

[1] http://www.w3.org/TR/html-markup/p.html#p-tags

It is wrong in a rather odd way. Whoever did it seems to think paragraph tags are just line breaks.

http://www.w3.org/TR/html-markup/p.html#p-tags <p> don't need closing tags

i prefer closing tags personally, but its not required.

I didn't say they did. They are not positioned as paragraph tags, they are positioned at the end of the paragraphs as if they were line breaks.

It kinda bugs me when time-sensitive articles (like those about software) are published without a date on them. The article does not mention a date when it was written, I assume it was recently. It mentions "2014-09-09 FreeBSD advisory", and the date today is 2014-09-28, so September 2014 is a good bet.

It was presented at EuroBSDCon2014, but you're right that's not really obvious IN the paper (it is indicated in the URL).

A more chronological catalog is at http://www.openbsd.org/papers/

Btw I enjoy the article. Thanks for writing it.

> Look at all the points where memory is allocated, and then make sure it is freed, exactly one time, no more, no less.

C is clearly the wrong language for something this security critical if that's where your bugs are. C++ solved this many years ago.

While I agree that C is the wrong language for security-critical applications (and I write this as a mostly C developer myself), I strongly disagree that C++ is a better language. Sure, it has constructors and destructors and pass-by-reference, but that's not enough, and cons/destr's don't fit the common memory usage-model of performance-critical applications (where an SSL library is often used), which use preallocated memory pools.

Seems like an area where Rust could really shine.

How about Ada?

I think - please correct me if I'm wrong - that Ada has pretty much the same problems as C if you use manual dynamic memory management. Ada supports Garbage Collection in theory, but it is optional, and I don't think many implementations actually supply a GC. Especially since Ada apparently is often used in realtime systems where dynamic memory management is usually avoided altogether (there is a subset of Ada specifically designed for building realtime software that explicitly prohibits any dynamic memory management).

Ada is - as far as I remember - much safer with regards to buffer overflows and bounds checking. But the bigger problem is probably that far more developers know C than Ada, and that something like an SSL library intended for widespread use needs to work with many different compilers and linkers. If you use GCC, I think it is possible to compile Ada code using the GNU Ada compiler and link it to C code compiled using the GNU C compiler, but I am not sure how things look if you use some other C compiler.

It'll probably be better once the placement box becomes pluggable (so that it's possible to use specific allocators piecemeal)

Good pun.

Well, good then that C++ allows you to easily use your own memory allocation scheme via custom allocators. You can even use STL's data structures :-).

You had me up to "C++."

I fixed a double-delete bug just this month in some c++ code.

So? I didn't say no C++ code has bugs. I said C++ is a better language for eliminating memory errors. Obviously this only happens if you take advantage of the features that allow that (RAII, smart pointers, etc).


* it's broken on other platforms

* they broke features in their releases (no QA/testing?)

* they're making a new API based on requirements of their own programs that doesn't provide many of the OpenSSL features.

* they're using CVS, no public code reviews available. There's no evidence some of the changes were reviewed by someone other than who made the commit. (OpenSSL now does reviews)

* no public audit available.

* they have some hateful note about hipsters on their web page as an excuse after 5 months to not make it readable. So unprofessional it hurts.

* Most changes were done five months ago, with not much at all done for two months.

* The test/ directory has very few changes at all. No extra tests have been added.

* I can't find a release plan, architecture documentation, or any documentation a serious software project should have. (OpenSSL is working on these though)

Finally... their official distribution website doesn't use SSL. That's a major security issue of the face palm variety.

Not. Inspiring. Confidence.

The OpenSSL project on the other hand has been doing some good work. Please see the projects road map from July to see what they are changing. https://www.openssl.org/about/roadmap.html

* It's broken on other platforms, because those platforms are unable to provide sufficient primitives. LibreSSL directly inspired the introduction of a long-needed getrandom(2) syscall in Linux, and the LibreSSL-portable release still works on a decent number of platforms that will definitely be growing. Did you forget this is an early project? If anything, LibreSSL will ensure that other platforms get off their asses and actually do something about security, as OpenBSD has been trying to yell about for so long.

* In case you missed the memo, LibreSSL wasn't stable back then (nor is it still, AFAIK). Of course things will break, it was still development releases and pre-alpha testing. You can't fix a mess without inevitably breaking someone's workflow.

* They're making an API that will improve on the cruft of the old one, and actually be reasonably sane. Being agnostic of implementation internals will mean easier language bindings. They also explicitly stated it's meant to be independent of LibreSSL and can be adapted to other stacks.

* Stop bikeshedding about version control. It gets old. OpenBSD has had probably the most proactive security auditing and code review practices out of any other project in nearly two decades: http://www.openbsd.org/security.html. Code review isn't some magic process, it's a practice that can be done using a variety of methods. No doubt independent audits will emerge as soon as LibreSSL nears sufficient finalization.

The LibreSSL website is only a brochure. It's made to be "unprofessional" on purpose. The developers have a technical, no-bullshit and take-no-prisoners attitude.

And of course, next time we hear of OpenBSD having more difficulties, people will jump about Theo de Raadt being mean. I'm starting to understand where he comes from.

> And of course, next time we hear of OpenBSD having more difficulties, people will jump about Theo de Raadt being mean. I'm starting to understand where he comes from.

The stuff about the "hipsters" comment is not about being mean, it's about needlessly pointlessly being mean.

This stuff matters. It matters because it creates division for no gain.

Why not just use comic sans and make no comment? Why not use fixed-width?

Why not just use comic sans and make no comment? Why not use fixed-width?

It might be bad manners to spill the beans, but it's a very deliberate move. The comic sans and hipster jab let them identify the people who want to bikeshed presentation instead of content.

We get it; as a hipster, you find it offensive. we all get it.

Where is their release plan? The files don't say alpha anywhere.

Version control matters when you don't know who actually made the change. Are the changes signed? No. Besides, my main point was a lack of openness about code reviews. They're not public, and there's no evidence they are even done.

An accessible readable website happens to be important to people, and is a legal requirement in Canada. Documentation is important, and there is none on their website. How do we know what changes they made? Documentation is part of software, and they have none. Fail.

If they want to be jerks and bash other projects, they should be able to take crits themselves.

They clearly state in the article that there hasn't been much activity for periods of time. You can see yourself by looking at the project history in CVS.

How are OpenBSD bashing other projects? The only person bashing projects here is you, for spreading FUD and disinfo like "LibreSSL hasn't seen nearly any commits for 2 months and most of the work was done 5 months ago", because clearly you have no idea how to navigate a source directory and only looked at the top level. See: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/..., for example.

The documentation is largely identical with OpenSSL's currently, I presume. This will change once the new ressl API is introduced. No extra tests have been added because there are no new major components that need testing yet.

For changes, you look at their source repository?

Take your personal vendettas elsewhere.

> An accessible readable website ... is a legal requirement in Canada.

Could you help me out with a pointer in the right direction to find/understand this legal requirement? I did a little googling, and could only find evidence of laws that restrict the government itself.

* Nah, the BSD guys are removing their dependency on OpenSSL, which is terribly broken for a number of reasons. They are not offering to replace OpenSSL for everyone on every platform. That's not their goal. They've said this from the beginning. But not all is lost for you (the non-BSD guy complaining that BSD codes doesn't work outside BSD). Eventually the code will make it downstream. And they've dedicated a lot of thought to how to do that in a more secure manner than OpenSSL. Inspiring.

* They kept the core functionality intact. Were you going to use heartbeats over TCP? Do you know even know what it is? How many of those on-by-default-workarounds were you using? Yeah they removed features. But for crypto code the lack of a rats nest is a feature.

* They are maintaining compatibility with the old API for legacy code and developing a more sane API. Do you have something constructive to say about how an API might look for interop with your favorite flavor of software? Great! To the mailing list with you!

* This was a tear down of code, not a reimplementation from scratch. But yeah, I agree. People should be looking over LibreSSL much more closely than OpenSSL. Sounds like that's something you would be interested in? ;)

* It's open source? And there are discussions on the mailing list? What kind of public audit did you have in mind?

* Don't really think hipster comments have much to do with LibreSSL's quality?

* Can you point to evidence of the claim that not much has been changed in the last two months? Can you point to things you would have liked to see change?

* No extra tests are needed, as they removed features. As features get added, yeah they're going to need to add some tests.

* They don't exactly sit around in conference rooms and write reports for upper management. Have you checked out their mailing list?

Aren't their packages signed and CVS transported over SSL? It's not like the code/packages are compromised. Otherwise, yeah I agree. It would be nice to have secure hateful hipster notes. ;). Kidding aside there's no reason not to add SSL. They should get on that.

I'm thankful that someone is doing something about OpenSSL, which is a blight. I'm sorry I can't personally afford to do more to help. Criticality is a positive thing, especially with regard to crypto/security code. But aren't you being a little smidge cynical?

The claim not much has changed can be substantiated by reading the article, and by looking in CVS.

Modern code review tools provide public conversation of the code in question, and allow people to sign off on it. Is LibreSSL doing this? How can I trace a change or branch to a discussion (if there are even branches)? How are others supposed to easily look into their changes? They say this is a problem in the article we are talking about with their 12,000+ line diffs.

What kind of audit? The traditional kind. Like the third party one the OpenSSL people are funding.

Extra tests would be good if they are rewriting functions, which according to the article is what they did past month one. Is their test plan do a release and see what happens? I can't tell, since I can't see a test plan anywhere. If you're changing a function, and not doing so with even basic tests, and are holding your development practices up as 'best practice' you are lying.

I'm being cynical because I care. They aren't doing many things the OpenSSL project themselves were taken to task for. As well, the OpenSSL project has now taken on many of the practices that LibreSSL are doing, but also they're doing much more (see their roadmap https://www.openssl.org/about/roadmap.html). To let LibreSSL get away with being careless is kind of silly when they are holding it up as being better.

Sounds like a whole lot of bikeshedding to me. Most of what you're suggesting doesn't apply, won't improve things, is a higher standard than we require of competing implementations or are being done already.

It's fantastic you care though! I highly suggest you write some additional tests where you feel that there are test gaps or write a comprehensive test plan. I bet they'll happily accept test code/plans!

> they have some hateful note about hipsters on their web page as an excuse after 5 months to not make it readable. So unprofessional it hurts.

Are you talking about this http://www.libressl.org/ ? That's one of the most readable webpage ever.

> Are you talking about this http://www.libressl.org/ ? That's one of the most readable webpage ever.

Oh indeed. Somebody needs to check out http://motherfuckingwebsite.com/ :-)

On iOS the font used to be a horrible script - really hard to read.

Currently it's comic sans (or a clone of it).

I personally fucking love the site and wish wish wish more people would stop throwing weird stuff in websites. I do think the dig at hipsters is pointlessly antagonistic. Isn't there an evangelism guide for people in open source projects?

> evangelism guide for people in open source projects

There are, tons of them. OpenBSD traditionally doesn't give a fuck, and backs up that attitude by shipping solid products.

Not exactly surprising given the history of the project (started by de raadt after being kicked out of NetBSD for being hard to work with).

If external reviews, github pull requests and documentation galore are important to the GP, they better stop using OpenSSH, which is developed using the same unfathomable development methods as libressl.

> On iOS the font used to be a horrible script - really hard to read.

That is odd, it is perfectly readable on my phone.

> Currently it's comic sans (or a clone of it).

Chalkboard: http://www.identifont.com/differences?first=Comic+Sans&secon...

Uhh, on your final point, they have signed checksums with the releases.

> they have signed checksums with the releases

Which might be OK for making sure the download isn't corrupted, but are useless for defending against an attacker, since the checksums themselves are hosted on a non-HTTPS site.

You're supposed to check the signature with the key you got "out of band". That means good security practice. Even if you get the key from a SSL/TLS enabled site, you can't guarantee it's the right one, CAs can be compromised. The checksum is to let you check if the download is corrupted and the signature is to check against the key you already have. Other forms of checking are just false sense of security.

Of course. I somehow missed the signed part, and now I feel stupid.

Um. You can't forge signed checksums unless you have their private key...

An attacker wouldn't MITM your download, they would take control over your mirror and serve bad copies. Hence the signatures.

SSL secured downloads would be pretty much snake oil for ensuring file integrity end-to-end. You will find the same practice pretty much everywhere among the larger projects.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact