-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make FoxBox discovery (more) secure #4
Comments
Conclusion about adding certs at the OS level from the Cordova app: not viable, because:
|
For the same reason, downloading a WebExtension that installs a cert is silly, you can just directly download the cert itself. |
So current conclusion for TOFU-based: the user will just need to open the app with their browser of choice, and add the security exception. There are a few options to try to improve on this, but looks like there's no silver bullet. I'll continue to investigate the QR-code-based option, though. |
Implemented PoC of |
Next step: make the Cordova app work with QR-code scanner and mDNS. |
Added QR-code and mDNS. Next step: When discovering a |
Continuing this analysis/exploration in https://public.etherpad-mozilla.org/p/project-link-discovery |
Problem:
We are making good progress on FoxBox discovery inside a trusted local network, but if the local network is not trusted, an attacker inside your WiFi network could become a Man-in-the-Middle (MitM) between client and FoxBox, spying on your data, and possibly even replaying the commands sent.
Step 1: Trust on First Use (TOFU)
We assume no attacker is present during the setup phase, but once the app has discovered the FoxBox, comms should become TLS-protected, so that a MitM can only attack during the setup phase, and not at a later point in time.
Step 2: QR-code-base
To make the setup phase secure as well, the user should bring the client physically close to the FoxBox, and then somehow tell the client "this physical object is the one I want to connect to". I'm calling this QR-code-based because that provokes a clear mental image, but you could also use NFC, a USB cable, a PIN code, etc. to achieve the same.
To do:
Client-side implementation in WebExtensionhttps://<fingerprint>.foxbox<i>.<special-tld>
idea in more detailThe text was updated successfully, but these errors were encountered: