Security and TOFU

vineet garg grgvineet at gmail.com
Tue Nov 15 06:16:55 UTC 2016


On Mon, Nov 14, 2016 at 8:37 PM, Giedrius <iksius at gmail.com> wrote:

>

> What I am thinking about is not security of SSL or encryption
> algorithms but rather the trust-on-first-use method. As I understand, this
> method mostly relies on the user's ability to check and validate
> certificate fingerprints. It might be ok for SSH where users can be
> expected to be IT and security savvy, but in my opinion it is not ok
> for a regular user. First of all, certificate validation is not
> enforced in any way, so the average user most often would just ignore
> this step. Also, certificate fingerprints are quite complicated and
> can make validation error prone or may discourage the validation step
> altogether (I am not sure how feasible it is, but an attacker could
> try to generate its own certificates which would produce similar
> fingerprints). Are my worries invalid?

Generating a certificate is not possible. Even if the certificates are
self-signed, the private key is intact with the user and generating the
private key from the public key in the certificate is unfeasible according
to computing power requirements.



>
>
> As I said, I am not security expert and I would be very glad if
> someone corrected me :)
>
> Giedrius
>
> > Nothing in this life is completely fail- or hack-proof, but I think KDE
> > Connect security is, at this point, pretty decent :)
> >
> > Since the recent version 1.0, it uses SSL and trust-on-first-use, like SSH
> > (which you could say is not hack-proof either, nothing is). Of course, SSH
> > has likely been audited way more than kdeconnect, so if you are a security
> > specialist and want to check kdeconnect for implementation errors or other
> > security flaws, it would be of great help!
> >
> > Albert
> >
> > On Sun, Nov 13, 2016 at 6:50 PM, ixius ixius <iksius at gmail.com> wrote:
> >
> > > Hello,
> > >
> > > I am concerned about security aspect of the kde-connect pairing procedure.
> > > I am no expert in security but as I understand the pairing of the devices
> > > currently is not completely fail-(or hack-)proof. Am I right or am I
> > > missing something? And if I am not wrong, I wonder if there are any plans
> > > to solve the issues?
> > >
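
The trust-on-first-use model discussed in this thread, sketched as an added example; it is not KDE Connect's code and not part of any message above. It assumes the pin is a SHA-256 fingerprint over the certificate's DER bytes; `TofuStore`, `check` and the sample byte strings are hypothetical and constructed for illustration.

```python
import hashlib
import hmac

class PinMismatch(Exception):
    """Presented certificate differs from the one pinned at first use."""

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as colon-separated hex."""
    digest = hashlib.sha256(cert_der).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

class TofuStore:
    """Maps a device id to the fingerprint accepted when it was paired."""

    def __init__(self):
        self._pins = {}

    def check(self, device_id: str, cert_der: bytes) -> str:
        seen = fingerprint(cert_der)
        pinned = self._pins.get(device_id)
        if pinned is None:
            # First use: nothing to compare against. This is the only moment
            # where the user's out-of-band fingerprint check matters.
            self._pins[device_id] = seen
            return "first-use"
        # Later uses: software compares the whole digest, so a fingerprint
        # that merely looks similar to a human does not match.
        if not hmac.compare_digest(pinned, seen):
            raise PinMismatch(f"{device_id}: expected {pinned}, got {seen}")
        return "trusted"

def demo():
    # Constructed stand-ins for DER certificate bytes (not real certificates).
    phone_cert = b"constructed-cert-bytes-phone"
    other_cert = b"constructed-cert-bytes-other"
    store = TofuStore()
    results = [store.check("phone", phone_cert), store.check("phone", phone_cert)]
    try:
        store.check("phone", other_cert)
    except PinMismatch:
        results.append("rejected")
    return results

if __name__ == "__main__":
    print(demo())
```
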