@currentshaft
"No, they can't. TLS defends against MITM."
TLS encryption only protects the contents of HTTPS traffic (in other words, browser traffic). So it does protect your HTTPS content from eavesdropping by opponents. But TLS does not protect against packet injection. An entire package can be inserted into Ubuntu APT's stream, and TLS wouldn't blink. TLS also does not protect the IP address header.
Now let's say I used a repository that supports HTTPS. Then the traffic contents will be protected against eavesdropping. But since APT handles HTTP as well as HTTPS repositories, the encrypted transmission is transparent to it. APT checks on the package itself being OK and not tampered with. If the attacker inserts a properly signed package, APT will proceed to install it. His package being OK and valid does not preclude its being something I do not want on my system, like for example open-sshd. (I don't want/need remote access capability.)
I don't want to point this out in your face, but you overvalue encryption and think it solves all problems.
So the scripts I mentioned are post-installation scripts that I run to configure Ubuntu: copying over conf files, removing unwanted packages and so on. The attacker has modified my scripts so that they fail, by making a syntax error here and there, etc. I know the scripts should run perfectly because I wrote and debugged them. And that is tampering in STRIDE.
You are harboring the thought that all my thinking is paranoia and fantasy. But my failed scripts are evidence of tampering. And I have shown the MITM can still be done. If you want to, you can look into the many techniques that can be used to implement MITM. ARP manipulation is my favorite.
"Counter what? You still have not demonstrated a threat."
So now I have demonstrated a threat. And that is MITM. Fedora dnf's transaction checks protect against a package being inserted into an upgrade stream.
And also, since the attacker was modifying my installation scripts, they too are not protected by the existence of TLS 1.3. TLS encryption solves only particular problems, but does not protect me in this instance. Now you can re-read what I am doing and consider it in a different light.
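The post above makes two detection points: post-installation scripts that were known-good can be checked for tampering before they run, and a validly signed package that nobody asked for (the poster's "open-sshd" case) can be caught by comparing the installed package set against a baseline. The following is an added example that is not the poster's code or Ubuntu's; the script names, their contents, the baseline package list and the post-upgrade `dpkg-query` output are all constructed for illustration, and `openssh-server` is used as the real Ubuntu package name for the SSH daemon.

```python
"""Two defender-side checks a post-install workflow can run before it
does anything: a SHA-256 manifest check over the configuration scripts,
and a diff of the installed package set against a recorded baseline.
Added example; all inputs below are constructed, not real host data."""
import hashlib
import hmac

# --- 1. Script integrity ----------------------------------------------------

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_manifest(files: dict[str, bytes]) -> dict[str, str]:
    """Record one SHA-256 per script while the scripts are known-good.
    In practice this manifest would be kept on read-only or offline media."""
    return {name: sha256_hex(content) for name, content in files.items()}

def verify_manifest(files: dict[str, bytes], manifest: dict[str, str]) -> list[str]:
    """Return a sorted list of problems: scripts that are missing, changed,
    or present without a manifest entry. An empty list means run them."""
    problems = []
    for name, expected in manifest.items():
        if name not in files:
            problems.append(f"missing: {name}")
        elif not hmac.compare_digest(sha256_hex(files[name]), expected):
            problems.append(f"modified: {name}")
    for name in files:
        if name not in manifest:
            problems.append(f"unexpected: {name}")
    return sorted(problems)

# --- 2. Unexpected package detection ---------------------------------------

def parse_dpkg_list(output: str) -> set[str]:
    """Parse the output of `dpkg-query -W -f='${Package}\\n'` into a set."""
    return {line.strip() for line in output.splitlines() if line.strip()}

def unexpected_packages(baseline: set[str], installed: set[str],
                        allowed_new: set[str] = frozenset()) -> set[str]:
    """Packages present now that were neither in the baseline nor explicitly
    allowed. A signed package injected into an upgrade stream shows up here
    even though APT's signature check accepted it."""
    return installed - baseline - set(allowed_new)

# --- Constructed sample data -------------------------------------------------

# Known-good scripts as written by the administrator (constructed).
GOOD_SCRIPTS = {
    "10-copy-conf.sh": b"#!/bin/sh\nset -e\ncp /srv/conf/resolved.conf /etc/systemd/resolved.conf\n",
    "20-remove-packages.sh": b"#!/bin/sh\nset -e\napt-get remove -y openssh-server\n",
}
MANIFEST = build_manifest(GOOD_SCRIPTS)

# The same scripts after a one-line syntax error was introduced (constructed).
TAMPERED_SCRIPTS = dict(GOOD_SCRIPTS)
TAMPERED_SCRIPTS["20-remove-packages.sh"] = (
    b"#!/bin/sh\nset -e\napt-get remove -y openssh-server\nfi\n"
)

# Package set recorded right after a clean install (constructed).
BASELINE = {"apt", "bash", "dpkg", "libc6", "ubuntu-minimal"}

# dpkg-query output after an upgrade that pulled in an unrequested package (constructed).
AFTER_UPGRADE = "apt\nbash\ndpkg\nlibc6\nubuntu-minimal\nopenssh-server\n"

def run_checks() -> dict[str, object]:
    """Run both checks over the sample data and return their findings."""
    return {
        "script_problems": verify_manifest(TAMPERED_SCRIPTS, MANIFEST),
        "new_packages": unexpected_packages(BASELINE, parse_dpkg_list(AFTER_UPGRADE)),
    }

if __name__ == "__main__":
    findings = run_checks()
    for problem in findings["script_problems"]:
        print("script check:", problem)
    for pkg in sorted(findings["new_packages"]):
        print("package check: not in baseline:", pkg)
```

The manifest check refuses to proceed on any difference rather than trying to judge whether a change is "only a syntax error"; the package diff is deliberately independent of APT's own signature verification, because that verification answers "is this package genuine?" and not "did I ask for it?".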