PGP digital signatures for pseudonymous software distribution
⭐ Merited by xandry (2)
I have no dog in this fight. I am just dropping in to note the following:
Note: I myself would not run closed-source binary blobs from anyone whom I did not deeply trust. On that particular point, digital signatures are irrelevant. “Official” identification is irrelevant; I have deeply trusted totally anonymous parties, although that is very rare. What is relevant is the level of trust required. I will not hereby launch into some open-source rant; I know that the world is full of scum you want to rip off others’ work, etc., etc. I simply must note the level of trust involved.
An exemplary lesson on why digital signatures are important:
In November of 2019, an unidentified malicious hacker compromised the downloads of Monero binaries (onion). Some people got coins stolen straight from their wallets because of this. I am not so sympathetic to them, for they were foolish: They didn’t verify the files against the PGP-signed list of hashes.
Anyone who checked the digital signature on the hash list (and then verified the hashes!) was absolutely safe against this attack. And the hacker could not simply replace the hash list, because he could not fake the digital signature.
The hash list is signed by someone named “binaryFate” with the PGP fingerprint 81AC 591F E9C4 B65C 5806 AFC3 F0AF 4D46 2A0B DF92—always check the PGP fingerprint! I have no idea what binaryFate’s “real name” is, and I do not care; it is none of my business. I always check the validity of binaryFate’s digital signature.
This raises the question of obtaining and authenticating the signing key. binaryFate’s public key is in the Monero source code repository; anyone who uses git to track the Monero sources has a copy of the key which would be difficult for an imposter to replace without anyone noticing. The key is signed by some other people, though that may not be useful if you have not already obtained and authenticated their keys. And when you import the key, you should check the PGP fingerprint to see if it is what you expect it to be.
Practical tips:
- The unsigned list of hashes that you provide is worse than useless: It is a total waste of time, and it is security theatre which causes a false sense of security.
Sorry, but—I am not sorry. After so many years of dealing with this nonsense, I must be blunt: To provide an unsigned list of hashes for “verification” requires such a level of mental retardation as to make me wary of everyone who does it. Oh yes, this world is just chock full of retarded monkeys... Duh, use some logic: A hacker who can replace the downloadable files with a malicious version can easily replace the unsigned list of hashes, too. Why wouldn’t he? 🤔
- To produce digital signatures, you do not need to reveal your “real” identity. Use PGP. That is what I do. See my PGP key fingerprint in my forum signature. I did not dox myself to get that!
You only need to dox yourself if you want a code signing certificate from certain CAs—including, I think (?), all of the CAs that Microsoft Windows trusts for Authenticode code signing. Easy solution: Use PGP. Use PGP. Use PGP.
If you are new to PGP, a fun way to get started is to check out use PGP to send OgNasty a private message in public. Then, get busy using PGP for digital signatures! - As a privacy advocate, a Tor user, and a strongly pseudonymous party myself, I take offence at the suggestion that only criminals want to avoid being doxed. What PhoenixMiner alleges NiceHash to have said would make me tend to distrust NiceHash, if that is an authentic quote:In the meantime, we received another message, with quite different tone:QuotedjeZo on March 8th, 2021, 07:58:33 AM
Everything will be established back as it was. But I am really curious, why are you so anonymous? I got another hint from someone that you are collecting fees from botnets. Is that true? Because then this is really not good for our business - we cannot afford to be linked with a crime of such proportions. And we would have to make greater distance between.
Also what I dont understand is, even if you are connected with a crime somehow and this is the reason to stay anonymous, why not create a second miner, as a legal business - a miner that you could sign and distribute without any worries for end users?
To be absolutely clear: I do not know the PhoenixMiner people. I neither defend them, nor accuse them; and I certainly cannot vouch for them. They may be honest or criminal; I have no opinion on that either way, and I have no reason to investigate. However, I do NOT hold their anonymity against them.
Satoshi Nakamoto never revealed his “real” identity; and according to theymos, he “always used Tor”. Would NiceHash ask him, “Why are you so anonymous? Are you doing something criminal?” That is just the stupid old “nothing to hide” chestnut.
Note: I myself would not run closed-source binary blobs from anyone whom I did not deeply trust. On that particular point, digital signatures are irrelevant. “Official” identification is irrelevant; I have deeply trusted totally anonymous parties, although that is very rare. What is relevant is the level of trust required. I will not hereby launch into some open-source rant; I know that the world is full of scum you want to rip off others’ work, etc., etc. I simply must note the level of trust involved.
An exemplary lesson on why digital signatures are important:
In November of 2019, an unidentified malicious hacker compromised the downloads of Monero binaries (onion). Some people got coins stolen straight from their wallets because of this. I am not so sympathetic to them, for they were foolish: They didn’t verify the files against the PGP-signed list of hashes.
Anyone who checked the digital signature on the hash list (and then verified the hashes!) was absolutely safe against this attack. And the hacker could not simply replace the hash list, because he could not fake the digital signature.
The hash list is signed by someone named “binaryFate” with the PGP fingerprint 81AC 591F E9C4 B65C 5806 AFC3 F0AF 4D46 2A0B DF92—always check the PGP fingerprint! I have no idea what binaryFate’s “real name” is, and I do not care; it is none of my business. I always check the validity of binaryFate’s digital signature.
This raises the question of obtaining and authenticating the signing key. binaryFate’s public key is in the Monero source code repository; anyone who uses git to track the Monero sources has a copy of the key which would be difficult for an imposter to replace without anyone noticing. The key is signed by some other people, though that may not be useful if you have not already obtained and authenticated their keys. And when you import the key, you should check the PGP fingerprint to see if it is what you expect it to be.
Practical tips:
- Use digital signatures.
- Safeguard the private key.
- Distribute the public key in ways that make it easy for others to obtain, and difficult for an imposter to replace with a fake key.
- Scrawl your PGP fingerprint all over the Internet.