Signed BTS Download?

[karnal]

Awesome xeroc. That's good news indeed.

[xeroc]

From what I read, the devs acknowledge this fact and are working on it .. I offered by help for creating a robust release process .. we are getting there

[karnal]

Agreed. I don't think there's any valid excuse for the downloads to not be signed this late in the game.

But at the same time I'm also saying, you can, with reasonable certainty, make sure that you got the good stuff from github. It's far more likely that the code has been trojaned than for your downloads to be intercepted thrice from different networks.

It's your funds and your choice, but since you started the thread, I'm giving you my opinion: as a netsec guy, I would simply download the source code and compile it myself. There are ways (and I have nontrivial amounts of funds in the BTS ecosystem as well) to go about this.

That doens't invalidate your point that the distributed binaries should be signed - it really is amateurish that they are not at this point, and I hope the situation is corrected in the near future. Maybe I'll open a github issue later today about it.

[Sage]

I'm securing a significant amount.  And yes, I have a great plan for all other possible loss vectors.

It's so simple to sign a file. Why it's not done on a crypto project like this is crazy if you ask me.

[karnal]

@Sage,  I 100% agree the wallet should be signed, but in the mean time, really, don't let that stop you.

As it stands today, the kind of attack you're worried about is EXTREMELY rare, as all the parties capable of executing it would risk a very likely chance of being detected (something they're not in the business of being).

That sort of stuff is usually precise and targeted.

If you download the wallet from a few different locations and come up with the exact same checksum, chances are extremely, extremely unlikely that your session got hijacked by someone with the ability to inject a valid TLS certificate just for you.

Remember "they" can't see which download you're requesting from GitHub, as it's TLS-secured, so "they"'d have to MiTM *ALL* of the connections to github.com (obviously not going to happen as by then it's pretty much guaranteed the attack will be detected).

If *you* get targeted, then simply put, there is no way that if you do this from 3 different locations that it can be correlated and traced back to you.


If you worry at that level, then you ought to worry that whoever put the binaries on GitHub has been compromised without their knowledge, and the public software available for download is actually trojaned -- this is FAR more likely than your connection being mitm'd 3 times, yielding the same trojaned binary all 3 times, from 3 different locations, indicating that there's actually a country-wide attack against github.com going on (remember, without access to the private key for the TLS certificate for github.com, network observers can't actually tell what you're doing over github.com)


You could also try compiling the software yourself, at least on certain distros of Linux it's not a big thing, if you can follow (simple) technical instructions.


If you're so worried about this stuff, then I hope you have a great plan for storing your wallet seed and how to securely have a thousands-of-characters random password in place!

[Sage]

Please devs, sign the BTS wallet download, and publish the key so we can verify the download.

I have significant amount to secure, and simply cannot risk the 'unlikely' man in the middle or spoofing attack.