Databases
StackOverflow2013
Postsdbo
POAuto update: Is this secure?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POAuto update: Is this secure?
    text
    copied!<h2><a href="http://code.google.com/p/dotnetautoupdate/" rel="nofollow noreferrer">Dot Net Auto Update</a></h2> <p>I felt like .net was lacking a simple secure automatic update library so I've implemented something and put it up <a href="http://code.google.com/p/dotnetautoupdate/" rel="nofollow noreferrer">here</a>. Before anyone considers using the library I was keen for the update process to get a bit a peer review. </p> <h3>Here are the steps:</h3> <ul> <li>The client software is populated with a public key and URI to poll.</li> <li>Client polls a URI for a manifest file.</li> <li>Manifest is downloaded and signature (in a separate ".signature") is used to check that the manifest is valid.</li> <li>A list of pending updates is parsed out of the manifest (to show to the user).</li> <li>The installer file is downloaded and again is verified with a corresponding ".signature" file. (the downloaded file will be protected with ACLs)</li> <li>The installer is run.</li> </ul> <h3>Mitigated threats:</h3> <ul> <li>The manifest signature should prevent any malicious downloads ("<a href="http://blogs.pcmag.com/securitywatch/2008/05/safari_carpet_bombing.php" rel="nofollow noreferrer">carpet bombing</a>")</li> <li>The installer signature should prevent any MITM attacks from sending malicious installers</li> <li>Protecting the downloaded installer with ACLs should prevent any local escalation attacks.</li> </ul> <h3>Unmitigated threats:</h3> <ul> <li>A <a href="http://en.wikipedia.org/wiki/MiTM" rel="nofollow noreferrer">MITM</a> attack where the attacker always reports "no updates available". (Could keep a client at a vulnerable version)</li> </ul> <h3>References:</h3> <ul> <li><a href="http://www.cs.umass.edu/~kevinfu/secureupdates/secureupdates-hotsec06.pdf" rel="nofollow noreferrer">Secure Software Updates: Disappointments and New Challenges</a></li> <li><a href="http://www.doxpara.com/DMK_BO2K8.ppt" rel="nofollow noreferrer">Black Ops 2008: It’s The End Of The Cache As We Know It </a></li> <li><a href="http://blog.metasploit.com/2008/07/evilgrade-will-destroy-us-all.html" rel="nofollow noreferrer">Evilgrade Will Destroy Us All</a></li> </ul> <p><br /></p> <h1>What have I missed?</h1> <p><br /></p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload