Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Auditing of Auto-Update of software commonly used by Human Rights Defenders

Tony Arcieri bascule at
Mon May 19 19:24:39 PDT 2014

On Mon, May 19, 2014 at 1:02 PM, Fabio Pietrosanti (naif) <
lists at> wrote:

> But you should not just ask people to switch to a "more secure
> software", but also understand what software do they use, working
> towards to secure what they "are using today" .

If you really want secure updates, depending on your threat model doing it
correctly is a very difficult problem. Fixing what exists today on a
case-by-case basis is going to be quite a chore.

Particularly problematic is the case of an MitM who knows a vulnerability
but wants to prevent certain clients from getting software upgrades to fix
it, so they can simply prevent the updaters from dialing home and the user
is typically none the wiser.

Also note that most software update systems are one key (or sadly in many
cases, zero keys) away from being remote code execution vulnerabilities.

All of these attacks are covered by The Update Framework:

See their paper Survivable Key Compromise In Software Update Systems:;jsessionid=1046401A7F09F0F4F794359255756038?doi=

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list