
Secure download of KeePass?

Eddy D
2013-10-23
2016-08-24
  • Eddy D

    Eddy D - 2013-10-23

    www.keepass.info is not secured by SSL. Therefore, an attacker could spoof the download pages on the site to point to a compromised version of KP.
    Now it's true that the download links point to SF pages which are secure, but that doesn't address the site spoofing attack, except if people are careful to validate that the download is really coming from SF. Does everyone who downloads KP know to do that?
    How much would it cost to host keepass.info with an SSL certificate (at least the download pages)?

  • Paul

    Paul - 2013-10-25

    To spoof the KeePass download page is a very specific attack and if someone is that determined to attack KeePass there are plenty of other mechanisms that would be as effective. There is little we can do to protect against a specific attack.

    cheers, Paul

  • Eddy D

    Eddy D - 2013-10-27

    Hi Paul
    Thanks for your comment, I'm not sure I agree though.

    Firstly, if there are known mechanisms for attacking KP I think it would be good to share them - after all KP is a security program, and generally speaking openness is better for security. So I personally think such a discussion would be very beneficial. Or maybe someone already did a security analysis?

    Secondly, the download page points to OpenPGP signatures for builds. This implies to me that someone has considered the risk of fake binaries, and thinks that publishing signatures is a way to protect against that. These signatures are signed by a key published on the site, but since the site server is unauthenticated I'm not sure exactly what this achieves.

    Finally, I don't agree that there is little to do against this attack - what can be done is to host the site, or at least the relevant pages, protected by SSL. I asked what the cost of this would be. I'm happy if someone then concludes the cost is not worth the benefit.

    Thanks
    Eddy

  • Paul

    Paul - 2013-10-27

    To make a KeePass specific attack all you need to do is persuade someone to install rogue software and that happens all day, every day.

    How does an SSL connection guarantee the signatures have not been replaced with false ones?

    cheers, Paul

  • Eddy D

    Eddy D - 2013-10-27

    If the signatures have been replaced by false ones, they will fail verification against the public key published on keepass.info
    SSL guarantees that the public key indeed comes from the domain keepass.info. This is what would allow me to trust the public key and use it to verify the signatures.

  • Sean DeNigris

    Sean DeNigris - 2016-08-13

    Hmm, this is disappointing. I was psyched to download KeePass, but was soon perturbed when I noticed there is no secure way to download it. And then, worse, that there was no way to securely download the keys and signatures. Unfortunately, I will install KeePassX instead, since both the download and the keys are secure :/ Thank you for being open source and making KeePassX even possible!

  • wellread1

    wellread1 - 2016-08-13

    The official KeePass files are hosted at: https://sourceforge.net/projects/keepass/files/ and the associated mirror sites.
    The official KeePass website (keepass.info) provides https links to specific files hosted on the aforementioned repository.

    If you wish to verify the authenticity of a KeePass download you can compare the hash sum of the download to its published hash sum.


    Last edit: wellread1 2016-08-13
  • fritzophrenic

    fritzophrenic - 2016-08-14

    The official KeePass files are hosted at: https://sourceforge.net/projects/keepass/files/ and the associated mirror sites.
    The official KeePass website (keepass.info) provides https links to specific files

    I'll make this more explicit: if you want an SSL download page, then don't go to keepass.info. Just go to the KeePass page on sourceforge and download from there directly.

    If you're on Windows, regardless of where you download KeePass from, the installer is signed. So you should verify that Dominik's name is listed as the publisher before installing. If it's not, the file is corrupt or tampered with, and you will get a big red warning message.
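The two checks suggested in wellread1's and fritzophrenic's replies (compare the published hash sum, and confirm the Windows installer's Authenticode publisher) combined into one script. This is an added example, not code from the thread or from the KeePass project; the installer path, the expected publisher name and the published SHA-256 value are assumed inputs that you fill in from the official download page.

```powershell
# Added example: verify a downloaded KeePass Windows installer before running it.
# Assumptions: $InstallerPath is the downloaded .exe; $ExpectedPublisher and
# $PublishedSha256 are placeholders to be filled from the official download page.
param(
    [Parameter(Mandatory)] [string] $InstallerPath,
    [string] $ExpectedPublisher = '<publisher name shown on the official page>',
    [string] $PublishedSha256   = '<SHA-256 value shown on the official page>'
)

$result = [ordered]@{ AuthenticodeValid = $false; PublisherMatches = $false; HashMatches = $false }

# Check 1: Authenticode. The signature chain must validate ('Valid', not 'NotSigned'
# or 'HashMismatch'), and the signer subject must name the expected publisher.
$sig = Get-AuthenticodeSignature -FilePath $InstallerPath
$result.AuthenticodeValid = ($sig.Status -eq 'Valid')
if ($sig.SignerCertificate) {
    $result.PublisherMatches = ($sig.SignerCertificate.Subject -like "*$ExpectedPublisher*")
}

# Check 2: hash sum. Compare the file's SHA-256 with the value published on the
# official (HTTPS) page; the hex comparison is case-insensitive.
$actualSha256 = (Get-FileHash -Path $InstallerPath -Algorithm SHA256).Hash
$result.HashMatches = ($actualSha256 -ieq $PublishedSha256)

# Report all three results, then fail loudly if any check did not pass.
[pscustomobject]$result | Format-List
if (-not ($result.AuthenticodeValid -and $result.PublisherMatches -and $result.HashMatches)) {
    Write-Warning "Do not install: signature or hash check failed for '$InstallerPath'"
    exit 1
}
Write-Host "All checks passed for '$InstallerPath'"
```

The hash check only adds assurance when the reference value itself was read over HTTPS from the official page, which is exactly the point the earlier replies make about using the sourceforge links.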

  • Ira Abramov

    Ira Abramov - 2016-08-24

    Still, why not have https://keepass.info show a legal cert? Let's Encrypt is free; I don't run any plaintext sites anymore since they came out of beta, and port 80 is there only to redirect to 443. Any website today, especially one dealing with security software, looks odd if it doesn't offer HTTPS. The fact that the first thing one gets is an SSL warning and being forced to add an exception on your initial visit makes it look very unprofessional indeed.
