Securing the integrity of downloads from the Tor/Tails website
Currently when downloading Tor or Tails from the website, we are advised to download a signature file to verify the integrity of the download. As the website acknowledges though, despite using SSL this provides no protection against a MITM attack, meaning that both the program and signature downloads could be compromised.
This same problem applies to downloading the programs necessary to verify the signature is correct, such as gpg4win, whose website doesn't even use SSL.
However, as explained here https://www.grc.com/fingerprints.htm, I believe there is a solution to this problem, namely using an Extended Validation certificate for the Tor/Tails website. Because these certificates are embedded in Firefox and Chrome and thus are not vulnerable to being tampered with, as certs in an external store are, these browsers can indicate when a SSL connection is using one of these certs and assures the user that when visiting the site, they are not subject to a MITM attack.
Therefore, the user can be certain that when downloading the program and signature from the Tor/Tails website, it is in fact being downloaded from there and nowhere else. I think to complete the circle, it would be necessary to host whatever program is needed to verify the signature on the Tor website as well and not have this downloaded from an external website, which even if it uses SSL could expose the user to a MITM attack and result in them downloading a compromised version of the verification program. The MD5 Reborned addon for Firefox https://addons.mozilla.org/en-US/firefox/addon/md5-reborned-hasher/ does at least download from a site using an EV cert, so users can be sure they're not subject to a MITM attack when downloading that but you are still relying on this website not being hacked and the download being replaced with a compromised one. I guess the dev-team are best placed to decide whether any such breach would be publicised immediately by Mozilla, allowing users to protect themselves, or if it would be better to host all downloads on the Tor website.
There would of course still be the chance that the Tor web server could be hacked and the program/signature downloads replaced with compromised ones but I'm sure this would be caught fairly soon, whereas a MITM attack could result in users relying on compromised versions of the software for a long time without any idea.
Trac:
Username: tolodof