Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hardware Section! #1713

Draft
wants to merge 14 commits into
base: master
from
Draft

Hardware Section! #1713

wants to merge 14 commits into from

Conversation

@JonahAragon
Copy link
Member

JonahAragon commented Feb 16, 2020

Description

https://deploy-preview-1713--privacytools-io.netlify.com/hardware/

This is a WIP draft but it's a start. TODO:

  • Mobile device recommendations
  • U2F key recommendations
  • PC recommendations
  • #904 (comment)?

Closes: #904
Closes: #616 (supersedes, we will try to eventually import the useful content from that PR here)
Closes: #989 (supersedes)
Closes: #420
Closes: #1714
Closes: #1731
Related: #832 (comment) (Pixel+Graphene info)

@netlify

This comment has been minimized.

Copy link

netlify bot commented Feb 16, 2020

Deploy preview for privacytools-io ready!

Built with commit bf4e916

https://deploy-preview-1713--privacytools-io.netlify.com

@5a384507-18ce-417c-bb55-d4dfcc8883fe

This comment has been minimized.

Copy link

5a384507-18ce-417c-bb55-d4dfcc8883fe commented Feb 16, 2020

Were any of my recommendations useful?

Why Nitrokeys, which are the only FLOSS option, are not listed?

@nitrohorse

This comment has been minimized.

Copy link
Member

nitrohorse commented Feb 16, 2020

Nice; glad to see a PR for a new hardware section!

@JonahAragon

This comment has been minimized.

Copy link
Member Author

JonahAragon commented Feb 16, 2020

@5a384507-18ce-417c-bb55-d4dfcc8883fe link? Yes, possibly. I haven't had a chance to go through them yet.

JonahAragon added 2 commits Feb 16, 2020
JonahAragon added 8 commits Feb 17, 2020
Copy link

5a384507-18ce-417c-bb55-d4dfcc8883fe left a comment

So is PTio going to be listing cryptocurrencies related information or just hardware wallets? Check this hardware wallet btw: https://shop.cobo.com/

@github-userx

This comment has been minimized.

Copy link

github-userx commented Feb 18, 2020

Fantastic first draft if you ask me! Great work guys!

Is this really a good phrase to use?

The iPhone 11 Pro and the iPhone 11 are the most secure and tested mobile devices on the market.

Wouldn‘t it be better to say „one of the most secure“ instead of „the most secure“ ?

Also: Doesn‘t the FairPhone2 come with a modified Stock Android by default? Or does it really come with UbuntuTouch preloaded?

Apologies, I don’t really know how to participate here on github or with this repo properly..

@github-userx

This comment has been minimized.

Copy link

github-userx commented Feb 18, 2020

NitroKeys is open hard- and software as far as I know?

But YubiKey‘s Hardware/firmware has never been OpenSource or audited:

https://www.yubico.com/blog/secure-hardware-vs-open-source/

The YubiKey hardware with its integral firmware has never been open sourced

Yubikey also had security issued if I remember correctly: https://www.schneier.com/blog/archives/2019/07/yubico_security.html

Good to see onlykey being mentioned as well. Don’t understand why Yubikey as closed Hardware is being privatized over onlykey.

@blacklight447-ptio

This comment has been minimized.

Copy link
Member

blacklight447-ptio commented Feb 18, 2020

@github-userx thats because we still have some issues with only key, mainly the points raised in #428

@github-userx

This comment has been minimized.

Copy link

github-userx commented Feb 18, 2020

@5a384507-18ce-417c-bb55-d4dfcc8883fe

This comment has been minimized.

Copy link

5a384507-18ce-417c-bb55-d4dfcc8883fe commented Feb 18, 2020

@blacklight447-ptio and why no nitrokey?

@blacklight447-ptio

This comment has been minimized.

Copy link
Member

blacklight447-ptio commented Feb 18, 2020

@github-userx sorry that should have been issue #489 , typo on my part, sorry about that.

@blacklight447-ptio

This comment has been minimized.

Copy link
Member

blacklight447-ptio commented Feb 18, 2020

@5a384507-18ce-417c-bb55-d4dfcc8883fe nitrokey is going to be added.

@github-userx

This comment has been minimized.

Copy link

github-userx commented Feb 18, 2020

@blacklight447-ptio

This comment has been minimized.

Copy link
Member

blacklight447-ptio commented Feb 18, 2020

@github-userx thats the same reason why we are a bit weary, especially as the first comment seemed to be non hostile and just a user asking well founded questions.

It could be nothing, but then again we are watching the situation from a distance. We don't want to take chances with accidentally recommending something insecure or untrustwortht.

@github-userx

This comment has been minimized.

Copy link

github-userx commented Feb 18, 2020

@JonahAragon

This comment has been minimized.

Copy link
Member Author

JonahAragon commented Feb 19, 2020

Also: Doesn‘t the FairPhone2 come with a modified Stock Android by default? Or does it really come with UbuntuTouch preloaded?

It does come with Android, but it is one of the few phones supported by the Ubuntu Touch project. The point of the Worth Mentioning section there is to recommend phones for the custom ROMs we also recommend on the OS page. You still need to flash it yourself.

@JonahAragon

This comment has been minimized.

Copy link
Member Author

JonahAragon commented Feb 19, 2020

NitroKeys is open hard- and software as far as I know?

We did add it to the worth mentioning section if you hadn't seen:

Nitrokey - A variety of security key products for different workloads. All Nitrokey products are open-source and customizable. The firmware and hardware have been independently assessed by Cure53 in 2015. We have found that there is no best overall product (the Pro 2 lacks Curve25519 while the lower-end Start supports it, for example) and they are lacking a variety of form factors such as USB-C and NFC that would be more convenient for many users.

It also clarifies the reason we recommended the Yubikey over it^

I did reorder the recommendations to list the SoloKey first, because if you only need U2F it is better than the YubiKey/NitroKey for cheaper and is also completely open-source :)

@JonahAragon

This comment has been minimized.

Copy link
Member Author

JonahAragon commented Feb 19, 2020

Actually I'm going to remove OnlyKey from being mentioned at all. I'm very concerned after reading #489 that the developers don't understand how hardware security works.

Specifically, I don't understand how they can make the claim that private keys can only ever exist on the device, while also allowing you to back up your keys from the device 🤔

Removes OnlyKey: #1713 (comment)
Rewords iPhone recommendation: #1713 (comment)
@github-userx

This comment has been minimized.

Copy link

github-userx commented Feb 19, 2020

@JonahAragon

This comment has been minimized.

Copy link
Member Author

JonahAragon commented Feb 19, 2020

I thought ptio‘s general standpoint is to always take / choose FOSS software/hardware over closed source?

It is not. It is our general standpoint to recommend the best tools for any particular task. Being open-source is a big factor, but it is not the only factor.

The biggest thing here is that the YubiKey "does it all", so to speak. It supports U2F, FIDO2, Curve25519 PGP keys, and TOTP keys. On the Nitrokey side of things...

  • Only the Pro 2 supports TOTP codes, but it does not support FIDO 2 or U2F. For that you need a FIDO2 key.
  • Only the Pro 2 and the Start support OpenPGP, but only the Start supports Curve25519 (which we like, cc @dngray) and Koblitz curves. And strangely, only the Pro 2 and the HSM support Brainpool curves.

This means that you need a minimum of two NitroKeys for similar functionality (a Pro 2 and a FIDO2 key). Three if you are dead set on Curve25519 for your private keys (a Pro 2 for TOTP codes, a Start for your PGP key, and a FIDO2 for WebAuthn), which is a reasonable assumption actually because they have a number of benefits).

You might say you don't need TOTP or OpenPGP functionality at all, so you would only need the FIDO2 key, which is fine. But in that case, we already recommend the SoloKeys, which also support FIDO2, are fully open-source, are cheaper, and come in USB-C and NFC formats.

Also, most YubiKey applications are open source. And we do not have to be concerned about malicious closed-source updates, since the firmware is read-only.

@blacklight447-ptio

This comment has been minimized.

Copy link
Member

blacklight447-ptio commented Feb 19, 2020

To expand on this above: most nitrokeys (except the gnuk version) and most other "open source" keys are not entirely opensource, by far the most of them still run a minimal operating system that controlls the smart card inside the usb key which is proprietary.

@github-userx

This comment has been minimized.

Copy link

github-userx commented Feb 19, 2020

@onlykey

This comment has been minimized.

Copy link

onlykey commented Feb 19, 2020

@JonahAragon If you can let me know what issues you have with OnlyKey I will be glad to respond to and address those concerns. I think as @github-userx mentioned it would be good to see OnlyKey added to this list. You can read about OnlyKey security on our page here - https://docs.crp.to/security.html

In regards to our secure backup feature there are a few things to consider when evaluating the backup threat model.

  1. When user's don't have a secure backup option they tend to create their own which may or may not be secure. For example, Yubikey states "the best ways to plan for backup YubiKeys are:  Add credentials at the same time to multiple YubiKeys if you have them or  Save a copy of the QR code (capture the screen) or make a copy of the secret key." So you can see how this lack of backup functionality may in some cases result in user's insecurely storing copies of secret keys on their computer.
  2. Secure backup functionality on OnlyKey only works if you set a backup key/passphrase. If not backup is disabled by default. For user's that want to permanently disable backup functionality this can be done by changing this setting in the OnlyKey preferences:
    image
  3. OnlyKey secure backup cannot be triggered by app, malware, software, etc. To do a backup a physical person has to first unlock OnlyKey by entering a PIN and then once unlocked hold button #1 down on OnlyKey for 5 seconds. OnlyKey then types out the encryped backup file which can be saved as a text file.

Let me know if you would like to discuss further or have questions about this I would be happy to answer any concerns.

@Peter-Easton

This comment has been minimized.

Copy link

Peter-Easton commented Feb 19, 2020

NitroKeys is open hard- and software as far as I know?

With the exception of the Nitrokey Start which is a rebranded version of the open-source GnuK, the Nitrokey Pro instead uses a smartcard chip as the secure element. There are no open Smartcards; although BASICcard and JavaCard allow for their own applets to be loaded onto the card, the functions of BASICcard that are implemented with power analysis and timing attacks in mind are non-free themselves and cannot be open sourced. For both JavaCard and BASICcard, the card's onboard operating system and interpreters or the JavaCard applet compilers and toolchain are non-free, even if the platform tools are.

While I fully recognize that using physical tokens represent an appreciable part of a defense in depth strategy against key compromise when combined with other security measures and proper handling of cryptographic keys, because the Nitrokey Pro uses the secure element of the smartcard as the most privileged portion of the token which actually handles the cryptographic materials. As the most privileged and important parts of the smartcard such as the card operating systems and interpreters are non-free, none of the lesser privileged items on the Nitrokey Pro should count toward the Nitrokey Pro being more meaningfully open source than the Yubikey.

Edit: 21:28 UTC for clarification.

@Peter-Easton

This comment has been minimized.

Copy link

Peter-Easton commented Feb 19, 2020

I also should mention:

The Trezor Model T should be something worth looking into as not a bitcoin wallet, but an SSH Key tool, U2F tool, GPG token, and password manager. The workflow for it is very different, and in the case of using it for GPG, is in a pre-Alpha state. Unlike other tokens it has a backup and recovery system that does not require any secret cryptographic materials to be sent to or handled by the computer and can be entered directly on the touchscreen of the device itself.

Source code for the Trezor is at https://github.com/trezor .

@JonahAragon

This comment has been minimized.

Copy link
Member Author

JonahAragon commented Feb 20, 2020

The Trezor Model T should be something worth looking into...

Do you own one yourself? Do you happen to know whether the 24-word recovery seed backs up keys like PGP, U2F, etc., or only crypto wallets?

I did mention that in its listing:

Trezor also has password manager functionality, supports GPG and SSH key storage functionality, and can act as a U2F key, making it a great backup for your U2F key (or vice versa).

But it seems like in both Trezor and Ledger's case, additional functionality is an afterthought. Especially with Ledger, which has some weird restrictions with its apps. I have both a Trezor One and a Ledger Nano X arriving tomorrow to test. Can't test the Model T.

One of the factors for the U2F key recommendation specifically is probably convenience. Neither Trezor nor Ledger products seem to be super convenient in the same way that a Yubikey might be with USB-C functionality, keychain form factor, NFC functionality for mobile devices, etc...

The Ledger Nano X has Bluetooth and supports iOS, but cannot currently be used as a Bluetooth U2F key on iOS [1] (or, reportedly Android). Trezor has no mobile functionality as far as I can tell which would be terrible for 99% of users.

@Peter-Easton

This comment has been minimized.

Copy link

Peter-Easton commented Feb 20, 2020

Do you own one yourself? Do you happen to know whether the 24-word recovery seed backs up keys like PGP, U2F, etc., or only crypto wallets?

Yes, I own one myself and can confirm that the recovery memnonic and password will back up and restore things besides the crypto wallet. At this moment, subkey functionality with GPG is not usable with keys generated from the Trezor, only with regular keys, and you would need to find a way to set the U2F counter correctly for restoring U2F so that adds another element to using it as a U2F token. Regenerating your GPG private keys also requires either a copy of the public keys, or knowing the exact timestamp at which they were created on. Customizing keying options such as cert digest algorithm for self signatures on your PGP public key certificate is also not available. However, the core functionality for GPG certifying, signing, and encryption works at this moment, experimentally. It is at this point in time likely to change and in the future could change in ways that are not going to be backwards compatible, but it does work and could be expanded upon in the future. Some ssh functions like rsync and scp aren't working as of yet; scp is currently working but it requires a bit of an odd way and I haven't figured out how to get it to sync directories yet.

One of the factors for the U2F key recommendation specifically is probably convenience. Neither Trezor nor Ledger products seem to be super convenient in the same way that a Yubikey might be with USB-C functionality, keychain form factor, NFC functionality for mobile devices, etc...

I agree, it's definitely not nearly as convenient. There's no NFC, it's larger and much clunkier than the other key tokens and it's not nearly as durable. The touchscreen is definitely going to be a fragile part of it, so I wouldn't ever try to do something like put it in my pocket alongside anything like a coin or a key. I'm glad to see it is still there though!

@onlykey

This comment has been minimized.

Copy link

onlykey commented Feb 20, 2020

@JonahAragon I wanted to follow up here as I didn't get a response to my previous message. I need to be able to understand the threat model you are referring to in regards to "developers don't understand how hardware security works" in order to be able to respond to your concerns.

Actually I'm going to remove OnlyKey from being mentioned at all. I'm very concerned after reading #489 that the developers don't understand how hardware security works.

In terms of OnlyKey hardware security we have a similar approach to that of Trezor, SoloKeys, and NitroKey. Of course its never an apple to apples comparison with hardware and these are all great products but I do want to point our a couple of key differences.

  1. Those devices all use STM32 MCUs with flash security. A flaw has been identified in STM32 MCUs that permits bypassing the flash security and dumping the contents of flash as shown in the kraken post here
    OnlyKey is the only one out of the 4 devices not using an STM32 MCU as OnlyKey utilizes a Freescale mk20dx256vlh7 MCU.

  2. While the attack mentioned by Kraken has only been demonstrated on the Trezor's STM32, it most likely affects the Nitrokey and Solokey to some extent as they use similar STM32 MCUs. We specifically decided not to go with STM32 in our products because of these vulnerabilities. In contrast there are no known vulnerabilities in OnlyKey's Freescale flash security.

So I am trying to understand why OnlyKey, the only one of the 4 devices listed that does not use the vulnerable STM32 architecture is not being included in the list here. Additionally, OnlyKey is the only device of the 4 that requires a PIN code, Trezor supports a passphrase but it is not required by default. Giving OnlyKey another layer of security for data at rest.

Specifically, I don't understand how they can make the claim that private keys can only ever exist on the device, while also allowing you to back up your keys from the device 🤔

I read through #489 and don't see there being any mention of claiming that private keys can only ever exist on the OnlyKey. We mentioned that private keys are stored offline, in separate hardware, but no, there are plenty of cases where your private key would exist somewhere else temporarily. I.e. You could export your private key from Protonmail and import to OnlyKey, you could export from Keybase and import to OnlyKey. We do provide specific instructions for user's that when loading keys to only do so from a trusted computer.

No technology is perfect but we do take user's privacy and security seriously, and if you find a vulnerability in OnlyKey we have a bug bounty program that will pay. The bounty is $1000 USD for things like extracting secrets from flash.


<ul>
<li><a href="https://devices.ubuntu-touch.io/device/FP2">Fairphone 2</a> <span class="badge badge-info">Ubuntu Touch</span> - The Fairphone 2 is an interesting look into modular, ethical, and sustainable mobile devices with an emphasis on open source. This our preferred hardware if you wish to run Ubuntu Touch, however using older and less tested hardware like this inherently forces you to make significant security compromises.</li>
<li><a href="https://redmine.replicant.us/projects/replicant/wiki/GalaxyS3I9300">Samsung Galaxy S3</a> <span class="badge badge-info">ReplicantOS</span> - This is the best hardware available if you wish to run ReplicantOS, however using older hardware like this inherently forces you to make significant security and usability compromises.</li>

This comment has been minimized.

Copy link
@DontUseGithub

DontUseGithub Feb 28, 2020

I'd suggest changing this:

Samsung Galaxy S3 (ReplicantOS) - This is the best hardware available if you wish to run ReplicantOS, however using older hardware like this inherently forces you to make significant security and usability compromises.

to something like this:

Samsung Galaxy S3 or Galaxy Note II (ReplicantOS) (postmarketOS) - This is the best hardware available if you wish to run ReplicantOS or if you want to run a GNU/Linux mobile OS such as postmarketOS, however using older hardware like this inherently forces you to make significant security and usability compromises.


IDK if Samsung Galaxy S3 and Galaxy Note II are any worse than the Pinephone or the Librem 5, they both have modem isolation and are capable of running mainline Linux.

other links:
https://wiki.postmarketos.org/wiki/Samsung_Galaxy_SIII_LTE_(samsung-i9305)
https://wiki.postmarketos.org/wiki/Galaxy_Note_II_(samsung-n7100)

This comment has been minimized.

Copy link
@JonahAragon

JonahAragon Feb 28, 2020

Author Member

The worth mentioning devices were specifically chosen because of our recommendations here: https://www.privacytools.io/operating-systems/#mobile_os

If you want PostmarketOS recommended, that is worth opening as a separate software issue.

This comment has been minimized.

Copy link
@DontUseGithub

DontUseGithub Mar 4, 2020

Thanks, done (issue # 1742).

We can still change this:

Samsung Galaxy S3 (ReplicantOS) - This is the best hardware available if you wish to run ReplicantOS, however using older hardware like this inherently forces you to make significant security and usability compromises.

to something like this:

Samsung Galaxy S3 and Galaxy Note II (ReplicantOS) - This is the best hardware available if you wish to run ReplicantOS, however using older hardware like this inherently forces you to make significant security and usability compromises.

@5a384507-18ce-417c-bb55-d4dfcc8883fe

This comment has been minimized.

Copy link

5a384507-18ce-417c-bb55-d4dfcc8883fe commented Mar 4, 2020

I think "Browser" should be moved within the "Software" section since there isn't more space on the nav bar when you are using Tor, or using Firefox with "privacy.resistFingerprint" activated. And I guess that PTio cares about Tor users.

Image of how it looks.
https://upload.vaa.red/2cogLr#35ceab28cc612e7397ff3ea35a67cb92

@JonahAragon

This comment has been minimized.

Copy link
Member Author

JonahAragon commented Mar 4, 2020

Works for me with privacy.resistFingerprint enabled. Might just be your screen resolution, lower than most? We can maybe still switch it though.

@5a384507-18ce-417c-bb55-d4dfcc8883fe

This comment has been minimized.

Copy link

5a384507-18ce-417c-bb55-d4dfcc8883fe commented Mar 4, 2020

Works for me with privacy.resistFingerprint enabled. Might just be your screen resolution, lower than most? We can maybe still switch it though.

Mmm, yeah, my monitor is quite small. Still, I think it would fit better but that's just m opinion.

@blacklight447-ptio

This comment has been minimized.

Copy link
Member

blacklight447-ptio commented Mar 6, 2020

Works for me with privacy.resistFingerprint enabled. Might just be your screen resolution, lower than most? We can maybe still switch it though.

Mmm, yeah, my monitor is quite small. Still, I think it would fit better but that's just m opinion.

I would argue that it would be better to create a seperate issue for it, as its a bit offtopic for this pull request.

@kaushalyap

This comment has been minimized.

Copy link

kaushalyap commented Mar 17, 2020

@JonahAragon Why no desktops, laptops hardware recommendations (in deploy preview)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
9 participants
You can’t perform that action at this time.