Modify

Opened 2 years ago

Last modified 2 years ago

#20592 new defect

Feature Request: Firmware Binaries and Source tarballs should be GPG signed

Reported by: tonemgub Owned by:
Priority: normal Milestone:
Component: website Version: Trunk
Keywords: Cc:

Description

This type of attack is far too common and easily prevented:
1) Attacker gains access to backend server or mirror.
2) Attacker Releases tampered/backdoored binary onto the server without any GPG signature.
3) All end users are infected with no way to check that they received the correct binary - Virus spreads.

The router is one of the most important devices in your network, since ALL traffic flows through it. Should it become compromised all your network traffic could also be compromised, from passwords traversing the network, to other computers and devices inside of it.

It is for this reason I would request that OpenWRT begin to sign the released firmware binaries and source tarballs moving forward.

In the event this server, or any community mirrors, are compromised - the end user can be confident that they are receiving an untampered binary by verifying the GPG signature.

Relevant sources -
How to use GPG: http://www.thegeekstuff.com/2013/04/gnupg-digital-signatures/

Actual Attacks:
http://www.aldeid.com/wiki/Exploits/proftpd-1.3.3c-backdoor
https://lwn.net/Articles/450181/

Thank you for this important consideration.

Attachments (0)

Change History (1)

comment:1 Changed 2 years ago by simon.vetter

I strongly second that. +1.

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.