[Cryptography] any reviews of flowcrypt PGP for gmail?

Jerry Leichter leichter at lrw.com
Tue Aug 25 15:53:39 EDT 2020


> I have sympathy for the Signal developers. If there is a flaw in the software, they need to push updates, and push them fast. On the other hand, this makes it possible, under certain circumstances, to quickly push poisoned updates to targeted users. There is no good middle ground if you don't want to market yourself as a niche product. You're screwed either way.

This is a problem worth thinking about.  And there are ideas already out there.

1.  Make sure *everyone gets the same upgrade.*  This can be done by cross-checking checksums in some broad, public way.  A poisoned release can, of course, act differently for different users - something we already see - but you're raising the bar.  And the more poisoned copies there are out there, the greater the chance that someone notices.
2.  Use reproducible builds, in which anyone building from source will end up with artifacts with the same checksums.  These individually-compiled versions must, of course, have checksums that match the ones of the pre-compiled versions.  Again, this can be hacked around - "Reflections On Trusting Trust" applies if you want to go all the way there.
3.  Of course, you'd better be sure that there are plenty of sufficiently-skilled, independent eyes on any changes.
4.  What else?  This is an important area for further research.

                                                        -- Jerry
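
Ideas 1 and 2 from the message above, combined into one client-side check. This is an added example, not part of the original post; the `peer_digests` and `rebuild_digests` inputs, the observer and builder names, and the sample payloads are all hypothetical, and how the digests are gathered (a public log, gossip between clients) is assumed to exist elsewhere.

```python
import hashlib
from collections import Counter

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def check_update(local_artifact, peer_digests, rebuild_digests, min_rebuilds=2):
    """Return (verdict, names) for a downloaded update.

    peer_digests:    {observer: digest of the binary that observer was served}
    rebuild_digests: {builder: digest that builder got compiling from source}
    Both inputs are hypothetical; collecting them is out of scope here.
    """
    local = sha256_hex(local_artifact)

    # Idea 1: everyone gets the same upgrade. Any disagreement among the
    # served binaries means at least one party received a different build.
    seen = Counter(peer_digests.values())
    seen[local] += 1
    if len(seen) > 1:
        # On a tie most_common picks arbitrarily; the verdict is the same.
        majority = seen.most_common(1)[0][0]
        odd = sorted(n for n, d in peer_digests.items() if d != majority)
        if local != majority:
            odd.append("local")
        return "split-view", odd

    # Idea 2: reproducible builds. The binary everyone received must also
    # match what independent builders obtain from the published source.
    matching = sorted(n for n, d in rebuild_digests.items() if d == local)
    if len(matching) < min_rebuilds:
        return "unreproduced", matching
    return "consistent", matching

# Constructed sample data (not real release artifacts).
RELEASE = b"constructed release 1.2.3"
POISONED = RELEASE + b" + implant"
GOOD, BAD = sha256_hex(RELEASE), sha256_hex(POISONED)

if __name__ == "__main__":
    rebuilds = {"builder-a": GOOD, "builder-b": GOOD}
    print(check_update(RELEASE, {"alice": GOOD, "bob": GOOD}, rebuilds))
    print(check_update(POISONED, {"alice": GOOD, "bob": GOOD}, rebuilds))  # targeted
    print(check_update(POISONED, {"alice": BAD, "bob": BAD}, rebuilds))   # sent to all
```

The third case is the one the cross-check alone misses: every client received the same poisoned binary, and only the comparison against independent rebuilds from source flags it.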


