Comment by CarpaDorada
1 year ago
What about GnuTLS and GnuPG do you think makes them insecure? I think that they offer something unique and that must be factored in; i.e. if you compare them to competitors, you can't compare apples to oranges when making judgments for them. In mind I have projects like Open/Bear/Boring SSL to compare GnuTLS with, and sequoia for gpg. I really like sequoia, but it offers a different product to gnupg.
Emacs is a mosaic of 50 years of computer history, security is not its priority, but I guarantee you that in bug-gnu-emacs any security/network-related patches are most welcome.
Well, how about the fact that gnutls allowed passive cleartext recovery attacks to go unpatched for about 2 years?
How about the fact that GnuPG is predicated upon the web of trust which has been demonstrated not to work, encourages misuse in the form of long-lived identities which discourages key rotation, has no ratchets nor forward secrecy, has multiple internal key parsers, and a littany of vulnerabilities involving authentication and downgrade attacks?
GNU is just organizationally incapable of producing secure code. These tools are not good tools. GnuPG in particular offers absolutely nothing that another single-purpose tool doesn't do better, but for some reason people get emotional and mount all kinds of irrational defenses of it. GPG is not good. It is broken at a fundamental level.
>Well, how about the fact that gnutls allowed passive cleartext recovery attacks to go unpatched for about 2 years?
They patched it when they became aware of it in <https://gitlab.com/gnutls/gnutls/-/issues/1011>, it was not "allowed" to go unpatched.
>How about the fact that GnuPG is predicated upon the web of trust
No it is not, the web of trust is one mode of operation out of infinitely many that you can come up with, it's not forced upon the user. It was evangelized for a long time until the keyservers got DOSed. In retrospect obvious, but also gnupg is more-or-less an "activist" project -- big corps and govs are against encryption for the masses by and large. Had it had institutional backing from the beginning (which it never got) it'd have a much more robust model for users to work with.
>encourages misuse in the form of long-lived identities which discourages key rotation
You can automate key rotation with gpg. The long-lived identity argument can be seen as a strength too, short-lived isn't always better.
>a littany of vulnerabilities involving authentication and downgrade attacks?
I'm not aware of these; do you mean that GnuPG is not secure by default in its algorithm list? It chooses compatibility over security, but you're free to change the configuration. I think it's too harsh to say that GnuPG is inadequate because of that.
>GNU is just organizationally incapable of producing secure code.
I don't see why that'd be true, anyone can contribute to GNU so there is nothing inherent about GNU that makes its projects insecure.
>GPG is not good. It is broken at a fundamental level.
Works for me! I use it to sign my git commits and tarball releases, and with gpg-agent I get to authenticate to SSH servers.
>Works for me!
Hey, so long as you're cognizant of the fact that everyone credible thinks GPG is at best a security LARP, do what you feel is best.
11 replies →
What was the CVE for that cleartext downgrade attack ?
For gnutls? I believe it was this one: https://nvd.nist.gov/vuln/detail/CVE-2020-13777
It was not a "downgrade attack", it was passive cleartext recovery.
1 reply →
I have heard it said that a problem with GPG is that it does encryption AND signing when you'd ideally have separate tools for those tasks, like, for example, age for encryption.