Multisig APT Repository

entr0py · February 17, 2016, 9:37pm

Is there such a thing as a Multisig APT Repository?
So multiple signatures would be needed to release updates should for example, @Patrick be detained and forced to sign malicious scripts? (And who would be brave enough to hold a key?)

Do warrant canaries (Warrant canary - Wikipedia) work? Couldn’t an adversay force you to issue an “all ok”?

Ego · February 17, 2016, 9:43pm

Good day,

Yes, that is the main problem these “canarys in the coalmine” have. They are a great thing in theory, however countrys like the US have laws in place which allow them to both, force someone to “work” with them and keep that “warrant” up.

Luckily, Patrick doesn’t live in the US but in Germany were, at the moment, there is no legislation in place which could make something like forcing someone who works on a “lawful project” (like Whonix) possible.

Have a nice day,

Ego

Patrick · February 17, 2016, 10:09pm

I don’t think Debian APT has it.

And a warrant canary only in states of the rule of law. Wouldn’t help against rubber hose crypto analysis. Wouldn’t help against non-state actors either.

entr0py · February 17, 2016, 10:20pm

Ok. Well, no honeymoons in Hawaii then, right?

Meh, at the rate we’re going, we’ll be banning Muslims, Mexicans, dog lovers, and Germans too - why not? - from entering the country anyway. TRUMP '16 BABY!

nurmagoz · February 18, 2016, 4:48am

well if they forced Tor and Debian to put backdoors inside them = no more Whonix,Tails,Hidden services…

and by this we conclude that IS really put America to sh*t on their pants , and the idiot America (idiots leading it) r destroying their own liberty/freedom in order to defend IS (specially lone-wolves).

sucha great country and brilliant strategy …

entr0py · February 18, 2016, 5:42pm

Tor and Debian get much more scrutiny and auditing than Whonix so I’m less worried about those. If there was a malicious Whonix update, who would know?

[way off-topic]

What makes America great are its Founding Principles and its Constitution that gives it the potential to be great. Realizing that potential requires a moral and educated populace. Americans tend to be law-abiding and caring people but education has been going downhill for decades and sometimes, ignorance trumps even morality.
EDIT: I’ll just add that it’s not surprising for the rest of the world to be frustrated and unnerved given the potential for the abuse of military and economic power.

HulaHoop · February 19, 2016, 6:22pm

The Debian archive maintainers do something similar:

https://ftp-master.debian.org/keys.html

entr0py · February 19, 2016, 7:13pm

That is cool.

Useful for single users too:
http://www.digital-scurf.org/software/libgfshare

Alice has a GPG secret key on a usb keyring. If she loses that keyring, she will have to revoke the key. This sucks because she go to conferences lots and is scared that she will, eventually, lose the key somewhere. So, if, instead she needed both her laptop and the usb keyring in order to have her secret key, losing one or the other does not compromise her gpg key. Now, if she splits the key into a 3-of-5 share, put one share on her desktop, one on the laptop, one on her server at home, and two on the keyring, then the keyring-plus-any-machine will yield the secret gpg key, but if she loses the keyring, She can reconstruct the gpg key (and thus make a new share, rendering the shares on the lost usb keyring worthless) with her three machines at home.

entr0py · February 19, 2016, 7:15pm

For multi-user use, I guess you would have to trust the key-splitter to securely erase others’ shares. And assume that the key-splitter is not under duress. Or have key-splitting parties!