Re: integrity of commercial CD set

From: Enos D'Andrea (temp4282138782edlabs.it)
Date: Wed Jan 14 2015 - 07:32:07 CST


On 14/01/2015 12:24, Stefan Sperling wrote:

> Bootstrapping trust is always going to be hard no matter what we do
> and how hard we try. [...] Now the answer has become "buy a CD
> and cross-check it with signify" and it's still not enough. [...]

<paranoia>

"Buying a CD" in my case includes a 5.000 mile trip through multiple
"five-eyes" nations, whose overzealous three-letter agencies officially
intercept physical shipments to install backdoors and hardware implants.

"Cross-checking" of OpenBSD commercial CD sets at present can only be
partial, as no official full checksums seem to be provided. Even
cross-checking *all* files referenced by the ISO filesystem would still
allow a malicious boot sector to directly reference unallocated space.

Let's call a spade a spade: the worst-case scenario is an APT
intercepting the shipment of a commercial CD set, substituting one or more
CDs and repackaging it. Extremely unlikely for the average person,
not-so-much for IT security consultants with important clients.

</paranoia>

Regards

--
Enos D'Andrea
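
The gap between per-file cross-checking and a full-image checksum that the message describes, as an added example that is not part of the original post. The file table, file names and 8-sector image are constructed stand-ins for a real ISO 9660 layout, and a trusted reference image is assumed to be available for comparison.

```python
import hashlib

SECTOR = 2048  # CD-ROM logical sector size in bytes

# Constructed file table: name -> (byte offset, byte length) inside the image.
EXTENTS = {"bsd": (2 * SECTOR, 3000), "base.tgz": (5 * SECTOR, SECTOR)}

def file_digests(image, extents):
    """SHA-256 of each file, read only through its referenced extent."""
    return {name: hashlib.sha256(image[off:off + n]).hexdigest()
            for name, (off, n) in extents.items()}

def uncovered_ranges(size, extents):
    """Byte ranges no file references, so a per-file check never reads them."""
    gaps, pos = [], 0
    for off, n in sorted(extents.values()):
        if off > pos:
            gaps.append((pos, off))
        pos = max(pos, off + n)
    if pos < size:
        gaps.append((pos, size))
    return gaps

def compare(reference, received, extents):
    """Contrast per-file verification with a digest over the whole image."""
    gaps = uncovered_ranges(len(reference), extents)
    return {
        "files_match": file_digests(reference, extents) == file_digests(received, extents),
        "image_match": hashlib.sha256(reference).digest() == hashlib.sha256(received).digest(),
        "changed_gaps": [(a, b) for a, b in gaps if reference[a:b] != received[a:b]],
    }

def build_samples():
    """Constructed 8-sector reference image and a copy altered in an unreferenced sector."""
    ref = bytearray(8 * SECTOR)
    for i, (off, n) in enumerate(EXTENTS.values()):
        ref[off:off + n] = bytes([0x41 + i]) * n
    got = bytearray(ref)
    got[4 * SECTOR:4 * SECTOR + 8] = b"\xff" * 8  # sector 4 belongs to no file
    return bytes(ref), bytes(got)

if __name__ == "__main__":
    reference, received = build_samples()
    print(compare(reference, received, EXTENTS))
```

Every per-file digest still matches on the altered copy; only the whole-image digest and the gap comparison show the change, which is why a checksum over the full image closes the hole that per-file checks leave.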