This is the mail archive of the
mailing list for the Cygwin project.
Re: SSL not required for setup.exe download
On 3/11/19, Andrey Repin wrote:
> Greetings, Archie Cobbs!
>> I must say I'm surprised so many people think it's a good idea to
>> leave cygwin open to trivial MITM attacks, which is the current state
>> of affairs.
>> This is my opinion only of course, but if cygwin wants to have any
>> security credibility, it should simply disallow non-SSL downloads of
>> setup.exe. Otherwise the chain of authenticity is broken forever.
> All the SSL stuff is build on idea of implicit unlimited trust.
I agree, the whole certificate authority bit seems to .. over-promise.
On the other hand, it does also seems to "raise the bar" making it
much more difficult to snoop or alter data in transit.
> Which is way worse in my opinion, than any theoretical MITM attack, which
> is easily mitigated with proper validation of your downloads.
Serious question - exactly how does one do "proper validation of your
For example, I don't have the current version of 7-zip
has a download link, but I don't see anything for a .sig, checksum or anything.
isn't any better.
It seems to me that the best I can do is make sure I do the download
via an https:// link
> It gives you false sense of security. What is worse, everybody is
> to reassure this false sense on every possible occasion.
I don't think it's a false sense of security. https:// isn't "safe"
but it is _safer_ than http://
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple