remote-help-assistant team mailing list archive

Re: Protocol changes, security issues

 


The following was originally sent off-list, so I'm reposting it on-list:

Pierre Fischer wrote:
| Hi Andrew,
|
| I've finally made a couple tests with revision 131. Sorry for the
| delay but I couldn't do it earlier.
|
| I've noticed some errors and/or strange behaviour in some cases. But,
| as you're currently working on a modified version, is it really worth
| continuing to test revision 131 and to investigate bugs we may notice?
| Shouldn't we wait instead until you've reached a new stable point?
| Andrew, let us know what you prefer and when you expect to reach this
| new stable point.
|
| There is a similar question concerning the translations. Do we work
| now on revision 131 or do we wait for the next stable revision?
|
| Concerning the security issue you mentioned in your email dated April
| 1, I agree on your proposal of declaring precisely the type of trusted
| actions. But I don't understand why you need to log
| start time and end time of each session and why you propose to give a
| history of the various sessions.
|
| Erpiu

Hey Erpiu,

You're right that looking for bugs in version 131 isn't that useful -
I've been rushing to get features in for you guys to look over, which
I'll debug later.  I'm more interested to know: if the program was
exactly like it is now, but bug-free, what would you want to change
about it?

The current revision (141) is compatible with older 0.1 clients,
although it might not be compatible with future revisions.  It's also
got a lot more documentation, a configurator
(share/remote-help-assistant/configurator.py), and merged "safe" and
"advanced" modes.  Revision 141 probably has about 95% of the
user-visible stuff I have planned for 0.2, so you might want to test
that instead of 131.

About translations - it's largely up to you.  I don't plan to change
translatable strings more than about 5% before 0.2 is released, but if
you still have lots of changes you want to see, we should wait until
you're happy :)

About logging sessions - it's an issue of defence in depth.  Say Alice
and Bob regularly share their desktops with each other, and Alice
confirmed Mallory's key a long time ago.  In order for Mallory to
impersonate Bob, she has to change her user account to something that
resembles "bob@bobs-pc", get Alice to ignore claims that they haven't
shared a session for over a year, and get Alice to tick one or two
boxes.  It's not hard to imagine a criminal getting away with one of
those, but getting away with all three would be much harder.  And if it
turns out that this really is a problem in the real world, keeping extra
logging information about times etc. might let us think up even more
obvious ways to flag up when you're talking to an imposter.

    - Andrew
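
The session-logging argument in the message above, as an added example (not code from remote-help-assistant or from anyone in the thread): a check that turns logged session times and identities into warnings shown before a session is accepted. The log format, the one-year threshold, the similarity cut-off and the key names are all assumptions.

```python
from datetime import datetime, timedelta
from difflib import SequenceMatcher

STALE_AFTER = timedelta(days=365)  # assumed threshold for "over a year"
LOOKALIKE = 0.8                    # assumed name-similarity cut-off

def check_peer(history, fingerprint, claimed_id, now):
    """Return the warnings to show before the user accepts a session.

    history maps a key fingerprint to a list of (identity, start, end)
    tuples, one per logged session (hypothetical log format).
    """
    warnings = []
    sessions = history.get(fingerprint, [])
    if not sessions:
        warnings.append("no previous session with this key")
    else:
        last_id, _, last_end = max(sessions, key=lambda s: s[2])
        if now - last_end > STALE_AFTER:
            warnings.append(f"last session with this key ended {last_end:%Y-%m-%d}")
        if claimed_id != last_id:
            warnings.append(f"this key last identified itself as {last_id}")
    # A name close to one that a *different* key has used is the
    # impersonation signal; compare against every other contact.
    for other_fp, other_sessions in history.items():
        if other_fp == fingerprint:
            continue
        for other_id in sorted({s[0] for s in other_sessions}):
            score = SequenceMatcher(None, claimed_id.lower(), other_id.lower()).ratio()
            if score >= LOOKALIKE:
                warnings.append(f"name resembles {other_id}, who uses another key")
    return warnings

# Constructed sample log: Bob is a regular contact, Mallory's key was
# confirmed once, long ago. Fingerprints are placeholders.
NOW = datetime(2009, 4, 10)
HISTORY = {
    "KEY-BOB": [("bob@bobs-pc", datetime(2009, 3, 1, 10), datetime(2009, 3, 1, 11)),
                ("bob@bobs-pc", datetime(2009, 4, 2, 9), datetime(2009, 4, 2, 10))],
    "KEY-MALLORY": [("mallory@laptop", datetime(2008, 1, 5, 14), datetime(2008, 1, 5, 15))],
}

if __name__ == "__main__":
    for line in check_peer(HISTORY, "KEY-MALLORY", "bob@b0bs-pc", NOW):
        print("WARNING:", line)
```

Without the logged end times and identities, only the key check would remain, and a key confirmed long ago passes it.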


