About Feature 3212047 and trust.

English Install/Boot/Login
#1

This is just an update and a thank you to everybody who has voted up to now for feature 312047 of openFATE. Although I share the worry of robin_listas that features should be adopted on technical bases, sometimes a technical base, even if there and easy to implement, is overlooked because awareness is missing “at the right level”. To this extend, I belief that openFATE can make a difference.
When I began to “advertise” this IMO very important feature, there were only 2 votes (the author’s and mine included) after two years that it was out. The decision to get so proactive, I took it because the problem is years old, potentially very troublesome, and is going directly against safe user behavior.
Several threads have been** opened** over the time, always with the same issue. As my argument goes, having available a https-page with the repo keys (ID and fingerprint), will give the users the possibility to act responsible and take the correct attitude. When one is accepting a signing key in order authorize a whole bunch of software to be installed, one should be sure not to give away the integrity of one’s system, without even being able to have the minor control over what happens. Just clicking O.K. and adding a repo signature without controlling for it’s authenticity, is like sending your bank data and passwords to some obscure email address because the latter claims to be your “friendly banker”. No sensed person would do this, why should we expect users to do this to their system.
The measure AFAIK is technically easy to implement… IF the will is there. So to raise awareness I did put this feature in my signature, to give people an idea about its existence.
If you haven’t voted yet, please have at least a look at the feature, think about it with calm. And then if you think you agree, just come back and vote for it.
Thank you to the 22 people who voted since, from only two votes we are now at 23. Still, given the importance of the issue, there should be many more votes, more awareness.
To everybody seasonal greetings.

P.S. life vests in airplanes will not help to avoid the airplane to crash or to sink in the see. But in the few cases where applicable, we still wish to have them. That is why we find them under our seats.

#2

@stakanov, I second your post.
I want to use what credibility I have in this forum to encourage people to vote up.

#3

I am happy you join the effort. Have a good day. (BTW. 1 person did join today. Seems that raising awareness helps :slight_smile: )

#4

Excellent idea, feature request and post.
Voted up.

#5

Agree, throughout life Trust is one of our most important values.

#6

Thank you very much for voting. We are still much too low in request for this feature, still it looks better than before. 34 user requested this to be done, I am looking forward for 50 votes up (and I think personally it is surprising that there are not least a 100 to have voted, given the importance). I think that this should be changed into a feature pertinent for 12.2 too, not only build-service. IMO it is equally valid for community repos as for all necessary updates of the very distribution keys (like it happened in the past).
Have a look at feature 3212047 and if you agree in the argument for more safety and information about what repo you are adding to your system, please vote.
Cheers to everyone who was already there, voting for or against. Better to be proactive in our choices than to stay only “innocent bystanders”.

#7

On 02/07/2012 01:16 AM, stakanov wrote:
>
> please vote.

don’t know how i missed this earlier, but i did…and, just voted…

perhaps a note in the Looking For, or Chit-Chat forum named (maybe)

Looking for more software SECURITY?

of course, then we have that problem with violating the FAQ’s multiple
postings prohibition…so, maybe the OP could PM a monitor and ask for a
move and subject change…

[there are forum monitors already supporting the suggestion, maybe one
of them wouldn’t mind moving the thread, and picking a more eye catching
subject line–on the other hand, rather than FATE i think it is a lot
better to off line convince an influential dev they they thought of it
first!!]


DD
Read what Distro Watch writes: http://tinyurl.com/SUSEonDW

#8

Thank you DenverD, I appreciate (as I would have appreciated also a statement against, I am not here to “push” people, I am doing this for sheer conviction that people need a wake up call sometimes). To avoid clutter, I began to use only this thread to push this forward, it is true that having the feature in my signature and this thread, brought the feature by a forgotten 2 votes to a proud 35(!) today. I thought of taking proactive contact to some devs and / or people responsible for the distribution to promote this directly, but I have in mind to wait with this to have raised more awareness. It would be good if I am going there when I can tell: look, there are lets say already 50 or better a 100 users of this opinion, so much that they did go the bother of registering to the openFATE site, and to take the time to vote for the feature.
There are very few things that disturbed me during the years with this fabulous OS. Some issues with regressions, some impulsiveness, but this one really made my life hard when arguing with newbies about safe behavior. OSS is not secure by default. The openness brings trust through controllability. But secure practices make our life much safer than only the very software design. Since we know IMO much more about software security and the respective values of secure practices, I feel we have a responsibility to go ahead whatever allows users to behave according to their values. This is why we promoted not to login as root, not to use software from unknown and unreliable sources and not to blindly click away warnings about missing signatures.
Welcome on board in this (hopefully not too tedious) endeavor.

P.S. the request for this feature was not my merit. So I hope one day to see the user here that had the good idea and posted it on openFATE to say thank you for it.

#9

Voted “up” too. Should indeed not be hard to implement, and give just that little bit extra.

#10

On 2011-12-11 14:26, stakanov wrote:
> This is just an update and a thank you to everybody who has voted up to
> now for ‘feature 312047’ (https://features.opensuse.org/312047) of
> openFATE.

I mentioned the issue recently on the openSUSE mail list, an one person is
contending that this is not necessary. I need help there, I’m alone. :wink:

Re: [opensuse] Repo key validation [Was: Missing packages in opensuse-12.1]


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

#11

On 2012-05-10 22:58, Carlos E. R. wrote:
> On 2011-12-11 14:26, stakanov wrote:
>> This is just an update and a thank you to everybody who has voted up to
>> now for ‘feature 312047’ (https://features.opensuse.org/312047) of
>> openFATE.
>
> I mentioned the issue recently on the openSUSE mail list, an one person is
> contending that this is not necessary. I need help there, I’m alone. :wink:
>
> Re: [opensuse] Repo key validation [Was: Missing packages in opensuse-12.1]

I need help! NOW!


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

#12

Ok, I see you post. Sorry if I am not online like usual these days. Will drop by.

#13

O,K. this is important, no clue on how to subscribe to the mailing list in question. I do not find “which” of the enless list is the right one and how to subscribe. I did find you message though.

#14

WHERE? (Please post a link!)

#15

On 2012-05-12 09:06, stakanov wrote:
>
> O,K. this is important, no clue on how to subscribe to the mailing list
> in question. I do not find “which” of the enless list is the right one
> and how to subscribe. I did find you message though.

I thought you were subscribed, but the cry for help goes to anybody that
wants that feature.

main link
main support list

It is important to defend the feature in the mail lists because the
decision makers are there. And now that there is interest it is the moment.

main link
main support list

Ok, to subscribe send an empty post to “opensuse+subscribe@opensuse.org”.
You get a reply for confirmation, which you reply to. Use an email addreess
that is not crucially important to you; I have a dedicated account in gmail
just for mail lists.

But you also need old posts to be able to reply to an existing thread.
Follow these instructions.

Download this month archive:

Compressed mailbox from May

You get a file named “opensuse-2012-05.mbox.gz”. You expand it with gzip,
and place it in a place where thunderbird reads it - assuming you use
thunderbird. For example, that would be


> cp opensuse-2012-05.mbox ~/.thunderbird/****.default/Mail/Local\ Folder/opensuse
> touch ~/.thunderbird/****.default/Mail/Local\ Folder/opensuse.msf

where “opensuse” would be the destination file. You also need to create an
empty index, that’s the second line above.

Then you restart thunderbird, and you get a new folder named “opensuse”
where you can read and reply to all the posts made this month. A similar
procedure would get you the posts from any month or year. Neat, eh?

That is the procedure to manually import a folder into thunderbird, other
mail programs should have a similar procedure. Pine is easy. Kmail was
easy, but I don’t know the current incarnation for kde 4.

Two important things to post there. One: do not top post. They don’t like
it, they will flame you for that. They much prefer answers to go
interlined. There is no moderator, mind, but there is a… self made police :-p

The other, careful because by default replies go to the originator of the
post; instead you have to manually select reply to the list: luckily
thunderbird has a button for this. If you use a mailer that don’t has it,
then select reply to all, and delete the private address. You can also get
flamed for this :-}

Ah, another one: if you want to start a new thread, don’t reply to an old
one and delete the old text: this is called hijacking a thread, and it
shows. And yes, you also get flamed.

Yep, rules :slight_smile:

All places have rules :wink:

And thanks.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

#16

Two important things to post there. One: do not top post. They don’t like
it, they will flame you for that. They much prefer answers to go
interlined. There is no moderator, mind, but there is a… self made police :-p

The other, careful because by default replies go to the originator of the
post; instead you have to manually select reply to the list: luckily
thunderbird has a button for this. If you use a mailer that don’t has it,
then select reply to all, and delete the private address. You can also get
flamed for this :-}

Ah, another one: if you want to start a new thread, don’t reply to an old
one and delete the old text: this is called hijacking a thread, and it
shows. And yes, you also get flamed.

Top post would mean to reply with your text on top of the message i suppose.
So they want you to respond argument by argument following the (replied) lines of the original poster as:
>morron wrote: there is no need for signatures
robinlistas: yes there is
>because the world is a safe place
no it isn’t

etc…
did I well understand this principle? I am sure I will not be the only person to come there, pistazienfresser I think has good prospects too :slight_smile:
I will do my very best.

#17

On 2012-05-12 15:36, stakanov wrote:

> Top post would mean to reply with your text on top of the message i
> suppose.

Right.

> So they want you to respond argument by argument following the
> (replied) lines of the original poster as:
>> morron wrote: there is no need for signatures
> robinlistas: yes there is
>> because the world is a safe place
> no it isn’t

Right, but there is no need to cite the names. Any mail program does it.
Like this:


On date poster wrote

> I say something

No because...

(We only leave the part of the original post to which we respond - to save
space and bandwidth)

You see, there are no moderators, but there are rules. And breaking some
rules, those I mentioned as far as I remember, can ignite a flamewar on
those side issues instead of discussing the main point. It is a problem
with mail lists like ours :-}

> I will do my very best.

Thanks, because I’m almost out of arguments.

The point they are making is that the keys should simply be packaged as an
rpm, and come with the dvd.

I contend that if there is an update to the keys, the key would be imported
by zypper, losing trust chain.

They say that if you trust SUSE, the package is trusted

But that is the whole issue! Packages can be intercepted by a rogue mirror.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

#18

On 2012-05-12 16:08, Carlos E. R. wrote:
> You see, there are no moderators, but there are rules. And breaking some
> rules, those I mentioned as far as I remember, can ignite a flamewar on
> those side issues instead of discussing the main point. It is a problem
> with mail lists like ours :-}

I forgot.

There is a mail list for testing the mail list: opensuse-test@opensuse.org.

If you use a gmail account, there is a caveat: you can not see your own
posts, because gmail consider them duplicates and removes them.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)