Ubuntu

UbuntuHashes doesn't contains SHA256

Reported by belabela on 2011-05-28
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ubuntu-docs (Ubuntu)
Undecided
Unassigned

Bug Description

Binary package hint: ubuntu-docs

It's great that
https://help.ubuntu.com/community/UbuntuHashes
provides MD5 checksums over HTTPS, but theres a problem with MD5 - it't not trustable see link:
https://secure.wikimedia.org/wikipedia/en/wiki/MD5#Security

It would be a wise thing to use SHA256 instead of MD5:
https://secure.wikimedia.org/wikipedia/en/wiki/SHA256

because there are already SHA256SUMS in the mirror servers, e.g.:
http://ftp.freepark.org/pub/CDROM-Images/ubuntu//11.04/SHA256SUMS

p.s.: the problem serving SHA256SUMs over HTTP that it gives false sense of security.

It MUST be served over HTTPS to be trustable.

Please update the /UbuntuHashes site from MD5 hashes to SHA256 hashes

belabela (belabela) on 2011-05-29
Changed in ubuntu-docs (Ubuntu):
status: New → Confirmed
visibility: private → public
belabela (belabela) wrote :

What's taking so long?? Can I have editor permission to this site. It could be fixed in about ~5 minutes... Why is it takes SOOOOOO long to modify them???

Because people are volunteers, and its the weekend, and I believe this
discussion was brought up in the past and it was decided to stay with md5.
On May 29, 2011 1:30 PM, "belabela" <email address hidden> wrote:
> What's taking so long?? Can I have editor permission to this site. It
> could be fixed in about ~5 minutes... Why is it takes SOOOOOO long to
> modify them???
>
> --
> You received this bug notification because you are a member of Ubuntu
> Website Community Team, which is a subscriber of a duplicate bug
> (789674).
> https://bugs.launchpad.net/bugs/789688
>
> Title:
> UbuntuHashes doesn't contains SHA256
>
> Status in “ubuntu-docs” package in Ubuntu:
> Confirmed
>
> Bug description:
> Binary package hint: ubuntu-docs
>
> It's great that
> https://help.ubuntu.com/community/UbuntuHashes
> provides MD5 checksums over HTTPS, but theres a problem with MD5 - it't
not trustable see link:
> https://secure.wikimedia.org/wikipedia/en/wiki/MD5#Security
>
> It would be a wise thing to use SHA256 instead of MD5:
> https://secure.wikimedia.org/wikipedia/en/wiki/SHA256
>
> because there are already SHA256SUMS in the mirror servers, e.g.:
> http://ftp.freepark.org/pub/CDROM-Images/ubuntu//11.04/SHA256SUMS
>
> p.s.: the problem serving SHA256SUMs over HTTP that it gives false
> sense of security.
>
> It MUST be served over HTTPS to be trustable.
>
> Please update the /UbuntuHashes site from MD5 hashes to SHA256 hashes

belabela (belabela) wrote :

ohh, sry. :)

then I will wait till weekdays

Chris Johnston (cjohnston) wrote :

I would not recommend pushing the issue. There are many more important
things that need to be worked on, so this may very well sit on the back
burner. I believe that there is a package you could check out, make the
changes, and then propose a merge and see if it will be accepted.
On May 29, 2011 2:10 PM, "belabela" <email address hidden> wrote:
> ohh, sry. :)
>
> then I will wait till weekdays
>
> --
> You received this bug notification because you are a member of Ubuntu
> Website Community Team, which is a subscriber of a duplicate bug
> (789674).
> https://bugs.launchpad.net/bugs/789688
>
> Title:
> UbuntuHashes doesn't contains SHA256
>
> Status in “ubuntu-docs” package in Ubuntu:
> Confirmed
>
> Bug description:
> Binary package hint: ubuntu-docs
>
> It's great that
> https://help.ubuntu.com/community/UbuntuHashes
> provides MD5 checksums over HTTPS, but theres a problem with MD5 - it't
not trustable see link:
> https://secure.wikimedia.org/wikipedia/en/wiki/MD5#Security
>
> It would be a wise thing to use SHA256 instead of MD5:
> https://secure.wikimedia.org/wikipedia/en/wiki/SHA256
>
> because there are already SHA256SUMS in the mirror servers, e.g.:
> http://ftp.freepark.org/pub/CDROM-Images/ubuntu//11.04/SHA256SUMS
>
> p.s.: the problem serving SHA256SUMs over HTTP that it gives false
> sense of security.
>
> It MUST be served over HTTPS to be trustable.
>
> Please update the /UbuntuHashes site from MD5 hashes to SHA256 hashes

belabela (belabela) wrote :

I found SHA1 sums here!! :
https://help.ubuntu.com/community/Installation/MinimalCD#64-bit PC (amd64, x86_64)

:)

belabela (belabela) wrote :

omg...but the linked site:

https://help.ubuntu.com/community/Installation/MinimalCD#64-bit

it publicly editable... great...it's a bug, no? just like the /UbuntuHashes was editable...

security vulnerability: yes → no
belabela (belabela) wrote :

"** This bug is no longer flagged as a security vulnerability"

are you kidding me? are you serious?

Jordon Bedwell (envygeeks) wrote :

Belabela,

Publicly editable does not mean it's insecure. The Wiki does keep track of all edits so that an audit can happen. By your theory the information you linked to on Wikipedia is insecure as well, because I can go and edit it freely and forge all kinds of information. HTTPS does not make an editable wiki more secure.

Aside from that, you can also compare each version (edit.) You would need to compromise the back-end to the wiki to forge the edit, and even then an admin can go back and revert the edit and disclose the false edit warning the community at large that a compromise happened and that they should validate their ISO's if downloaded during that given time frame.

To also note, everything on those mirrors is directly from Ubuntu, they do not create the sums themselves and Ubuntu provides sums, as you can clearly see here at http://cdimage.ubuntu.com/releases/11.04/release/SHA256SUMS and http://cdimage.ubuntu.com/releases/11.04/release/SHA1SUMS.

As far as the HTTPS, my suggestion is that you create a separate bug for that and request that they add HTTPS to the CDIMAGE site.

Changed in ubuntu-docs (Ubuntu):
status: Confirmed → Opinion
Colin Watson (cjwatson) wrote :

My understanding from the sysadmin team in the past is that serving cdimage over HTTPS would add an unacceptable amount of load to an already stretched set of machines. That goes double for releases.ubuntu.com, especially around release time when it is slammed.

The reason we still advertise MD5 in many places is that md5sum binaries are often easier to lay your hands on if you're using a non-Unix platform, as many people coming to cdimage naturally are; and, while it may not defend against a determined second-preimage attack these days, it still provides perfectly adequate assurance against unintentional corruption in transit. For the latter use case, the shorter hash is much easier to check by eye.

For people who care about security against determined attackers, HTTPS might well be inadequate anyway, unless you're one of the even fewer people who carefully audits the set of CA certificates they choose to trust. Better security than that is already provided by the GPG signatures on the SHA256SUMS file (see SHA256SUMS.gpg). The public half of the key used for those signatures is widely-distributed (e.g. in /usr/share/keyrings/ubuntu-archive-keyring.gpg in the ubuntu-keyring package, key ID FBB75451, so you can bootstrap off an already-trusted Ubuntu system if one's available), and is well-connected to the global web of trust by virtue of being signed by my key as creator and operator.

I would recommend considering UbuntuHashes as merely a way to check for transport layer corruption, and instead relying on the GPG signatures if you require real security.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers