Moving bitcoin.org to a hardened server?

[Herodes]

I just got aware of the fact that bitcoin.org is served through pages.github.com.

Code:

 ping www.bitcoin.org
PING bitcoin.org (207.97.227.245) 56(84) bytes of data.
64 bytes from pages.github.com (207.97.227.245)

I haven't develved deep into the issues surrounding github.com, neither have I used it much,
but there's been some writings about compromises of github during the last months, so I was
wondering if we would not be safer off disconnecting the bitcoin.org page with it's downloadable
binaries completely from github.com.

Could a github compromise lead to binaries on bitcoin.org being compromised ? With the current
setup, it seems so.

In my personal opinion, bitcoin.org along with it's binaries should be hosted on a hardened server,
separate from any other service.

Please discuss.

[Deafboy]

You mean... people can lose money because of hosting provider? Ridiculous...
/sarcasm

[Herodes]

You mean... people can lose money because of hosting provider? Ridiculous...
/sarcasm

Sarcasm goes well with me, however, it could also be an external attack. We seek non-centralization, no ?

[kjj]

I just got aware of the fact that bitcoin.org is served through pages.github.com.

Code:

 ping www.bitcoin.org
PING bitcoin.org (207.97.227.245) 56(84) bytes of data.
64 bytes from pages.github.com (207.97.227.245)

I haven't develved deep into the issues surrounding github.com, neither have I used it much,
but there's been some writings about compromises of github during the last months, so I was
wondering if we would not be safer off disconnecting the bitcoin.org page with it's downloadable
binaries completely from github.com.

Could a github compromise lead to binaries on bitcoin.org being compromised ? With the current
setup, it seems so.

In my personal opinion, bitcoin.org along with it's binaries should be hosted on a hardened server,
separate from any other service.

Please discuss.

The download links on bitcoin.org go to sourceforge.  Also, the binaries are hashed and the hashes are signed with a well known key, so anyone that bothers to check would notice.

[ralree]

I just got aware of the fact that bitcoin.org is served through pages.github.com.

Code:

 ping www.bitcoin.org
PING bitcoin.org (207.97.227.245) 56(84) bytes of data.
64 bytes from pages.github.com (207.97.227.245)

I haven't develved deep into the issues surrounding github.com, neither have I used it much,
but there's been some writings about compromises of github during the last months, so I was
wondering if we would not be safer off disconnecting the bitcoin.org page with it's downloadable
binaries completely from github.com.

Could a github compromise lead to binaries on bitcoin.org being compromised ? With the current
setup, it seems so.

In my personal opinion, bitcoin.org along with it's binaries should be hosted on a hardened server,
separate from any other service.

Please discuss.

The download links on bitcoin.org go to sourceforge.  Also, the binaries are hashed and the hashes are signed with a well known key, so anyone that bothers to check would notice.

Thanks for that - I was wondering if there was a way to confirm authenticity of the official downloads if I wanted to be really anal retentive.

[Herodes]

Thanks for that - I was wondering if there was a way to confirm authenticity of the official downloads if I wanted to be really anal retentive.

I guess how anal retentive you want to be is directly proportional to the amount of bitcoins you have.

[kjj]

Here is one of the validation files for 0.7.0.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

4d4bba64926e86c4dfe8603ef2d7c2b942c29d47  bitcoin-0.7.0-linux.tar.gz
f5e4950451fb84806a4c86709d8f9e7aecbf0512  bitcoin-0.7.0-macosx.dmg
dce46beef11f4a82c0c24ea2d2fc4b39b680143c  bitcoin-0.7.0-win32-setup.exe
851708693d0609803eb917368c28d1142e029a31  bitcoin-0.7.0-win32.zip
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iQIcBAEBAgAGBQJQXLxgAAoJECnZ7msfxzDBgf0P/29r98AR853nwJ6Rz0Mn5b9v
ipE4jqenAB3cOa+9BkSBQ078clO8uAunYXBRQQtnqAd2a3/PCrnJYuzlZpHYA672
v9Gs2Yr5gsDesZmgQpTIA3y75rykc6Q1JCekGIIZXDL0VwX+4Ovj3KTr4Gwa+JdI
3XZi1ooFofCtFt6/8j7inzd/V3ORckY7lIMVkYMvzEVcpXUKzR5PQBhnwSNdHrxg
KzfbSMrdgapvMIPTgy5hIMEta0fS9VFJDXXyepOAzsGwm9DtBQqi5+c/nnC1cisb
NXAzJsS0Wd1ltfBlfT5t8QAez+pfeS5p5X17+OHJoUhp7K0j/dDKt2Q8EcpZZC7O
iNTcmIGrt0ATXorvxT/Mtv9D8mZOOfDrrjx4ikFr4HmD/ALhZnu9M1iyvdPnKV8T
m3BFEQ345/HmHNtpb0GzhJQzIronBsqEkuwNfsTZd4SBuAzAvoW8qoLb+Uqr3s+0
ssNI1YJXZYOpKiarzNXsvDB/ssjLIDEKQ+aGoXf0XI9KRYUfE4RLKHWvzYBv3IQu
pQy3pClbQ4SLpv6/PKrN4dqZOpRfXYCdXgvngVCyOSiPwC6Ol6hRE0WcWvZJcVhu
D+hSuhJGnM0ipEE1kPEKGiGhp7B27GfXaXVQNTuOWMWBK6ttKf5AbZaGHo6rQ3qV
2dcVI8EmSxYaBde/HqkH
=CZgV
-----END PGP SIGNATURE-----

Any changes to any of those files will change their hashes, and changes to any of the hashes will break the signature.  If you've verified the key, you can check them for each release.  By the way, the key they are signed with (currently) can be found here.  (But please don't take my word for it, verify the key yourself before you sign it or use it.)

[Richy_T]

Here is one of the validation files for 0.7.0.

Any changes to any of those files will change their hashes, and changes to any of the hashes will break the signature.  If you've verified the key, you can check them for each release.  By the way, the key they are signed with (currently) can be found here.  (But please don't take my word for it, verify the key yourself before you sign it or use it.)

But how can I trust you? Or that the owners of this site haven't modified your post?

Perhaps key-signing parties need to become part of the Bitcoin deal.

Probably should have these files torrented too for the decentralization. Would that decrease or increase security? Possibly neither I suspect.

[kjj]

Here is one of the validation files for 0.7.0.

Any changes to any of those files will change their hashes, and changes to any of the hashes will break the signature.  If you've verified the key, you can check them for each release.  By the way, the key they are signed with (currently) can be found here.  (But please don't take my word for it, verify the key yourself before you sign it or use it.)

But how can I trust you? Or that the owners of this site haven't modified your post?

Perhaps key-signing parties need to become part of the Bitcoin deal.

Probably should have these files torrented too for the decentralization. Would that decrease or increase security? Possibly neither I suspect.

Heh, you don't trust me, or my posts.  In fact, I explicitly tell you not to.

If, for some strange reason, you did want to trust me, I'd tell you that if:
1) the SHASUMS.asc file you are looking at has the SHA256 hash d2f06aca782ae7bc1f0df13e2646ea3343f09048019aa3136832c11c04a08fc7
and
2) the 1FC730C1 key you've downloaded verifies the signature in that file
then according to me (or anyone that has access to the forum database or can intercept either my post or your loading of my post), you have the right key and file.

Torrent would ensure that the file you downloaded was the file described in the torrent, but it couldn't tell you that the torrent was legit.

One thing that you can do is check the hashes and signatures on several of the releases you've used in the past, and decide that you've already trusted that key, whoever it belongs to, without knowing it, and then sign it with your own key.  That way, you'd at least know that future releases were signed by the same key as before.

[Pieter Wuille]

Also, through gitian, everyone can build the binaries and verify they match byte-for-byte the distributed ones, and their hash matches the signed checksums. We do not publish binaries before a few developers have succesfully built the exact same binary.

The process is somewhat contrived, but it allows for very deep inspection of what is distributed.

[Richy_T]

Here is one of the validation files for 0.7.0.

Any changes to any of those files will change their hashes, and changes to any of the hashes will break the signature.  If you've verified the key, you can check them for each release.  By the way, the key they are signed with (currently) can be found here.  (But please don't take my word for it, verify the key yourself before you sign it or use it.)

But how can I trust you? Or that the owners of this site haven't modified your post?

Perhaps key-signing parties need to become part of the Bitcoin deal.

Probably should have these files torrented too for the decentralization. Would that decrease or increase security? Possibly neither I suspect.

Heh, you don't trust me, or my posts.  In fact, I explicitly tell you not to.

If, for some strange reason, you did want to trust me, I'd tell you that if:
1) the SHASUMS.asc file you are looking at has the SHA256 hash d2f06aca782ae7bc1f0df13e2646ea3343f09048019aa3136832c11c04a08fc7
and
2) the 1FC730C1 key you've downloaded verifies the signature in that file
then according to me (or anyone that has access to the forum database or can intercept either my post or your loading of my post), you have the right key and file.

Torrent would ensure that the file you downloaded was the file described in the torrent, but it couldn't tell you that the torrent was legit.

One thing that you can do is check the hashes and signatures on several of the releases you've used in the past, and decide that you've already trusted that key, whoever it belongs to, without knowing it, and then sign it with your own key.  That way, you'd at least know that future releases were signed by the same key as before.

I was more thinking of the torrent as a way of decentralizing availability of the app. Though the fact that it is hashed is definitely a bonus.

[auzaar]

Also, through gitian, everyone can build the binaries and verify they match byte-for-byte the distributed ones, and their hash matches the signed checksums. We do not publish binaries before a few developers have succesfully built the exact same binary.

The process is somewhat contrived, but it allows for very deep inspection of what is distributed.

How can binaries build on my machine would match binaries build on other machine byte-by-byte?

[teamhugs]

The download links on bitcoin.org go to sourceforge.  Also, the binaries are hashed and the hashes are signed with a well known key, so anyone that bothers to check would notice.

Sourceforge mirrors have been cracked in the past, here's a recent example, https://bitcointalk.org/index.php?topic=113018.0

[teamhugs]

In my personal opinion, bitcoin.org along with it's binaries should be hosted on a hardened server,
separate from any other service.

A hardened server is irrelevant. Trusting pgp verification is relevant. With pgp verification, and a trust path back to the signer, the binaries and pgp sig can be hosted anywhere.

Has there been a pgp keysigning party which involves key 29D9 EE6B 1FC7 30C1 (short key known as 0x1FC730C1)?

[Bogart]

The integrity questions aside, I think that publishing torrents of the releases would be useful in general.

This is especially true for the block chain download.

[casascius]

Also, through gitian, everyone can build the binaries and verify they match byte-for-byte the distributed ones, and their hash matches the signed checksums. We do not publish binaries before a few developers have succesfully built the exact same binary.

The process is somewhat contrived, but it allows for very deep inspection of what is distributed.

How can binaries build on my machine would match binaries build on other machine byte-by-byte?

What do you expect might differ per machine?  If you print the same MS Word doc from two machines it should look the same. The same idea applies to compiling the same source code.

[kjj]

Also, through gitian, everyone can build the binaries and verify they match byte-for-byte the distributed ones, and their hash matches the signed checksums. We do not publish binaries before a few developers have succesfully built the exact same binary.

The process is somewhat contrived, but it allows for very deep inspection of what is distributed.

How can binaries build on my machine would match binaries build on other machine byte-by-byte?

What do you expect might differ per machine?  If you print the same MS Word doc from two machines it should look the same. The same idea applies to compiling the same source code.

Compiling is a different matter, everything must be exactly the same or you'll end up with differences.  My box has slightly different libraries, and a very different compiler version, so the bitcoind that I build for my own use is wildly different from the official releases, for example.

They actually use a virtual machine to create a predictable build environment for the public releases.  If you hang out in #bitcoin-dev around release day, you'll see that even with all the work they put into the VM, they have differences fairly often and need to resolve them.

[Herodes]

Also, through gitian, everyone can build the binaries and verify they match byte-for-byte the distributed ones, and their hash matches the signed checksums. We do not publish binaries before a few developers have succesfully built the exact same binary.

The process is somewhat contrived, but it allows for very deep inspection of what is distributed.

How can binaries build on my machine would match binaries build on other machine byte-by-byte?

What do you expect might differ per machine?  If you print the same MS Word doc from two machines it should look the same. The same idea applies to compiling the same source code.

Compiling is a different matter, everything must be exactly the same or you'll end up with differences.  My box has slightly different libraries, and a very different compiler version, so the bitcoind that I build for my own use is wildly different from the official releases, for example.

They actually use a virtual machine to create a predictable build environment for the public releases.  If you hang out in #bitcoin-dev around release day, you'll see that even with all the work they put into the VM, they have differences fairly often and need to resolve them.

Can't they just make a vm-image that all of them can use? That should sort it out ? At least, then they would have the same environment.

[jgarzik]

The integrity questions aside, I think that publishing torrents of the releases would be useful in general.

This is especially true for the block chain download.

Yes, torrents would be useful -- and some infrastructure is coming down the pipe for this.

Upcoming version 0.7.1, released hopefully this week or early next week, will automatically import 'bootstrap.dat', if that file exists in the bitcoin data directory.

This feature is intended to enable a bootstrap torrent to be downloaded.  Simply drop the torrent's data file (bootstrap.dat) into your directory, and bitcoin will do the rest.

The next step is for some volunteers to generate the torrent, and other volunteers to "beta test" the torrent by downloading it, and making sure it imports correctly into bitcoin.

The nice thing about this process is that these volunteers may be untrusted:  bitcoin will fully verify the input data, just like it does over the network.  A malicious torrent would largely waste everybody's time, but be quickly noticed as malicious.

[Atlas]

The integrity questions aside, I think that publishing torrents of the releases would be useful in general.

This is especially true for the block chain download.

Yes, torrents would be useful -- and some infrastructure is coming down the pipe for this.

Upcoming version 0.7.1, released hopefully this week or early next week, will automatically import any 'bootstrap.dat' files that is found in the bitcoin data directory.

This feature is intended to enable a bootstrap torrent to be downloaded.  Simply drop the torrent's data file (bootstrap.dat) into your directory, and bitcoin will do the rest.

The next step is for some volunteers to generate the torrent, and other volunteers to "beta test" the torrent by downloading it, and making sure it imports correctly into bitcoin.

The nice thing about this process is that these volunteers may be untrusted:  bitcoin will fully verify the input data, just like it does over the network.  A malicious torrent would largely waste everybody's time, but be quickly noticed as malicious.

This will not be automatic updates, correct?