I'm curious what everyone thinks. I personally agree with TheCthulhu, but I'm not a tech or crypto expert.
Original: https://www.thecthulhu.com/a-response-to-cryptome/
So today (20th December) I posted a mirror of the Cryptome archive I received from a close associate of mine (whom I trust greatly) and was met by a rather blunt response from the Cryptome administrators regarding the integrity of the data I host. As many know, I take the subject of tampering very seriously, and whenever I have leaked or shared data I strive to provide it with a SHA1 and SHA256 hash at a minimum and also provide torrents, HTTPS and onion download options. Furthermore, if ever asked, I would also sign files using my personal PGP key.
The response I received from Cryptome was also either hinting that the entire research and crypto community is wrong in their conclusions, or that the Cryptome administrators don’t understand it themselves. The assumption that cryptography is unbreakable assuming an adversary with unlimited resources is wrong; even an adversary with limited resources given enough time can break all cryptography, but that doesn’t make it anything other than a theoretical matter when put into the actual context. This statement in particular, “Mirroring is tampering. We ask that mirrors be labeled as tampering.”, really also irritates me.
If Cryptome is so concerned that data is being tampered with, I suggest the following:
1. An MD5, SHA1, SHA256, SHA512 and Whirlpool digest be produced for the full archive of files in a format such as .zip or .tar.
2. The Cryptome administrators sign all the digests in a single PGP message to verify the hashes match the archive they produced.
3. The PGP signed message is published with the digests for 14 days on the Cryptome website, Twitter, my Twitter, my blog and any other source who wishes to make a copy of it. The 14 day period allows time for any party to raise concerns; if, for example, a third party had stolen the PGP keys to forge the signature, then the Cryptome administrators should have had time to realise this and either revoke the key or in some way suggest the archive is not legitimate.
4. After the 14 day period, the archive is made available publicly to which I shall ensure the hashes can be reproduced on my end, and then I will also sign the digests message to say it is the one I received and will be mirroring.
5. A torrent file can be produced which downloads the archive file specified above; this can also be signed by myself and Cryptome so people can be sure it is the one we intended to distribute, and another layer of checks exists by checking the hash once downloaded.
6. External parties such as Twitter followings, security researchers etc. cross-sign the digests and our keys if they know us sufficiently and trust the archive is true as it was intended to be distributed.
If the above procedure is not sufficiently secure, then one must operate on the assumption all technology is unsafe to use. There is the legitimate concern of hardware tampering and backdoors, which is why open source software should be used at all stages. However, I would like to draw attention to the fact that Cryptome offers the full archive for $100 which is shipped via USB. Therefore, raising concerns regarding hash or cryptographic security yet readily shipping USBs seems to me a fairly extreme state of cognitive dissonance given what is known about attacks like BadUSB and state physical interception operations.
I call on Cryptome to start allowing proper mirroring of content. Nobody has called upon Cryptome to host the content themselves or in any way incur additional costs. What is being asked is that you provide the content with reasonable security as I propose above, rather than completely ignoring the matter, which will drastically reduce the security and safety of downloads. If you claim to be all about anti-censorship and transparency, then the measures I propose above are a good fit. This isn’t about offering 100% perfect security; this is about offering people the ability to verify the files in a manner which is reasonable and proportionate to the technology even state level adversaries currently possess. Even if you disagree on the security of the cryptographic protocols and measures I describe above, know that the vast majority of researchers and information security professionals disagree with you, and that providing it is still far better than not providing the hashes at all.
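
Steps 1 and 4 of the quoted procedure, as an added example that is not part of TheCthulhu's post or any Cryptome tooling: it builds the multi-digest manifest that would be signed, then checks a mirror copy against it. The function names and the manifest line format are assumptions, Whirlpool is omitted because `hashlib` does not guarantee it, and the PGP signature is assumed to have been verified with an OpenPGP tool before the manifest text is trusted.

```python
import hashlib
import hmac
import os
import tempfile

# Step 1 algorithms that hashlib always provides. Whirlpool is left out because
# its availability depends on the local OpenSSL build (assumption of this example).
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

def digest_file(path, algorithms=ALGORITHMS, chunk_size=1 << 20):
    """Read the archive once in chunks and feed every hash, so size is not a limit."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def build_manifest(path):
    """Text to be PGP-signed (step 2): 'ALGO  hexdigest  filename' per line (assumed format)."""
    name = os.path.basename(path)
    return "".join(f"{a.upper()}  {d}  {name}\n" for a, d in digest_file(path).items())

def verify_against_manifest(path, manifest_text):
    """Return {algo: matched}. manifest_text must come from a message whose
    signature was already verified; no signature check happens here."""
    expected = {}
    for line in manifest_text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0].lower() in ALGORITHMS:
            expected[parts[0].lower()] = parts[1].lower()
    if not expected:
        raise ValueError("manifest lists no supported digests")
    actual = digest_file(path, tuple(expected))
    return {a: hmac.compare_digest(actual[a], expected[a]) for a in expected}

def demo():
    """Constructed sample data: an archive and a mirror copy with one byte changed."""
    with tempfile.TemporaryDirectory() as d:
        original, mirror = os.path.join(d, "archive.tar"), os.path.join(d, "mirror.tar")
        data = b"constructed sample archive contents\n" * 1000
        with open(original, "wb") as fh:
            fh.write(data)
        with open(mirror, "wb") as fh:
            fh.write(data[:-2] + b"X\n")  # single-byte modification
        manifest = build_manifest(original)
        return (verify_against_manifest(original, manifest),
                verify_against_manifest(mirror, manifest))

if __name__ == "__main__":
    print(demo())
```

A mirror copy should be accepted only when every digest in the signed manifest matches; a mismatch on any one of them means the file is not the one that was signed.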