
i'm the author. i keep a close eye on it for any security issues but i'm not adding any new features, hence the lack of commits.

i also obviously maintain the instance on https://webwormhole.io/.


Thanks for maintaining it! You might want to update the CLI instructions to use "go install" as the current command doesn't work.

It wasn’t the lack of commits which made me think this was abandoned, but everything else (outdated instructions, issues and pull requests open with no reply, giant warning at the top of the README…).

https://news.ycombinator.com/item?id=43351944


Yeah, the installation instructions should probably be updated at the very least, and perhaps that warning should be adjusted as well.

That is what I thought. Thank you for clarifying.

i mainly use apple devices, but never put anything on icloud before adp came out.


> You can mitigate this by including PCRs that sign the kernel and initrd

nope! the trick the article is describing works even if the kernel and initrd are measured. it uses the same kernel, initrd, and command line.

the reason this trick works is that initrds usually fall back to password unlock if the key from the tpm doesn't work. so the hack replaces the encrypted volume, not the kernel, with a compromised one. that is:

1. (temporarily) replace encrypted volume with our own, encrypted with a known password.

2. boot the device.

3. the automated tpm unlock fails, prompting for a password.

4. type in our password. now we're in, using the original kernel and initrd, but it's our special filesystem, not the one we're trying to decrypt.

5. ask the tpm again for the key. since we're still using the original kernel, initrd, and command line, we should now get the key to unlock the original encrypted volume.

the way to fix this is to somehow also measure the encrypted volume itself. the article points to suggestions of deriving a value from the encryption key.
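An added example, not part of the thread or of the article it discusses: a toy Python model of the PCR policy in the comment above, showing that measuring only kernel, initrd and command line cannot tell volumes apart, while also measuring a value derived from the volume key keeps the key sealed. `ToyTPM`, the PCR names, the HMAC label and the rule that the key is released only while the volume PCR is still unextended are assumptions made for illustration.

```python
import hashlib
import hmac

ZERO = bytes(32)
BOOT_CHAIN = [b"kernel", b"initrd", b"cmdline"]  # constructed stand-ins

def extend(pcr: bytes, data: bytes) -> bytes:
    """TPM-style extend: new = SHA256(old || SHA256(data))."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()

class ToyTPM:
    """Toy model: two PCRs and one secret sealed against expected PCR values."""
    def __init__(self):
        self.sealed = None
        self.reset()

    def reset(self):  # a reboot clears PCRs; the sealed blob persists
        self.pcrs = {"boot": ZERO, "volume": ZERO}

    def measure(self, name, data):
        self.pcrs[name] = extend(self.pcrs[name], data)

    def seal(self, secret, policy):
        self.sealed = (secret, dict(policy))

    def unseal(self):
        secret, policy = self.sealed
        if any(self.pcrs[n] != want for n, want in policy.items()):
            return None  # policy mismatch: key stays sealed
        return secret

def measured_boot(tpm):
    tpm.reset()
    for item in BOOT_CHAIN:
        tpm.measure("boot", item)

def measure_volume(tpm, volume_key):
    # Assumed scheme: extend a PCR with a value derived from the volume key.
    tag = hmac.new(volume_key, b"volume-identity", hashlib.sha256).digest()
    tpm.measure("volume", tag)

def released_on_other_volume(bind_volume_pcr: bool) -> bool:
    """Same kernel/initrd/cmdline, but the unlocked volume is not the original."""
    tpm, real_key, other_key = ToyTPM(), b"K" * 32, b"P" * 32  # constructed keys
    measured_boot(tpm)
    policy = {"boot": tpm.pcrs["boot"]}
    if bind_volume_pcr:
        policy["volume"] = ZERO  # release only before any volume is measured
    tpm.seal(real_key, policy)
    measured_boot(tpm)                  # reboot with the volume swapped
    if bind_volume_pcr:
        measure_volume(tpm, other_key)  # initrd measures whatever it unlocked
    return tpm.unseal() == real_key
```

In this model a normal boot still works because the initrd unseals the key while the volume PCR is at its reset value and only then measures the volume.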


> 3. the automated tpm unlock fails, prompting for a password.

> 4. type in our password.

In a serious security conscious setup this should be a big red flag to investigate. Any unexpected boot password prompt.


yes of course - but in this case the "unexpected" prompt is presented to the attacker, not the user.


some years ago i played around with something similar: https://sa.lj.am/sun/

source is linked at the bottom. much of it was written in elm and i no longer understand how any of it works.


I developed it mainly on Firefox on macOS. I'd love to figure out why it didn't work for you. Do you get anything on about:webrtc while trying to connect?


Thanks for the reply. I did the following for you:

1. Opened about:webrtc, clicked "start debugging".

2. Opened a WebWormhole on one tab.

3. Copy / pasted the code into WebWormhole on another tab. Got something like "invalid key".

4. Tried steps two and three again. Got endless "connecting" message this time.

5. Stop debugging. No log file /tmp/WebRTC.log was created, so I clicked "save page". Used sed to replace my public IP address with x.x.x.x and uploaded here for you:

https://ipfs.io/ipfs/QmTM1ZSRk1xqfMd2FF23YzWxHpqjJ2B6kGFQqPd...

I hope this gives you enough information to fix the problem. I'd like to be able to use these tools too. I suppose it could be addon related, but another user confirmed the problem for Firefox / Linux. It would be useful to be able to detect various problems and report them to the user instead of hanging on "connecting".


The command line version shouldn't have any trouble with large files. There's https://github.com/saljam/webwormhole/issues/4 to fix the web version. :)


ok will give it a try :)


The QR code is generated client side.


Why do I see a network transaction for it?


Chrome shows "blob:" URLs as network transactions, but they're not.


Absolutely true for the web interface if loaded from https://webwormhole.io. I'm open for any more suggestions here! https://github.com/saljam/webwormhole/issues/13

Someone mentioned the command line client. One can also build and serve the html/js/wasm from anywhere and it should still work, even with the same signalling server. It has pretty lax CORS for this reason.


IPFS would be a solution here, since the files are content-addressed. You'd have to fetch them locally, since a gateway could still manipulate the content, but it's easier to find a gateway you trust.


Forgive my ignorance, but how would an IPFS gateway interfere here? If you have the hash of the js file you need, you can verify the gateway gives you the right one, correct? Or are you referring to the case where IPNS is used so the actual content at the address can change?


If you go to the hassle of verifying the hash, yes, that's fine. I was talking about just loading and using the page, which can be tampered with (because the hash checking happens on the gateway).


This uses STUN servers to help it poke through NATs. (That's what I mean by "WebRTC's NAT traversal tricks")

There's no TURN server set for this, but it shouldn't be hard to add one. There are NATs where you'd need one to relay all the traffic, but these seem to be relatively rare nowadays. If anyone has any actual statistics on these I'd appreciate it!


"but these seem to be relatively rare nowadays"

AT&T 5G uses Symmetric NAT. It's not rare if you have an iPhone or iPad with cellular. No way to do P2P without relaying traffic unless you want to "guess" the randomized port number, and, on that front, there are NAT-device-aware algorithms that can make that process faster.

We were promised IPv6 will make NATs not necessary but I believe service providers use NATs not simply to conserve the IPv4 space but to actively discourage using the service to host your own servers.


This man told the truth!

They are zealously pushing the "ever increasing speeds" of questionable benefit for the user - what for? So that commuters could watch 8k 120fps video while on a bus? Or rather to gather all kind of sensor data in real-time, audio and video included, from their human oil wells? To strip off people's clothes with millimetre wave imaging?

But making it easy for people to run their own home/mobile servers, share and cooperate without govporate oversight is clearly not on their agenda.


It's amazing what would be possible if NAT wasn't a thing. We will get there. Someday.


We are going backward. Newer 5G and fiber deployments where I live offer only IPv4 with carrier grade NAT. No IPv6, and no real IP unless you ask for one. (Not sure how long they will offer that to non-business subscribers.)


Which one? Which STUN server are you using?




The website uses Google's.

On command line it's an option and Google's is default. I'd like to make the signalling server also a STUN server at some point.


Oh that's interesting... I had no idea there were publicly available STUN servers like that.

But way back in 2014 a Google employee does seem to have confirmed it's free to use, but comes without guarantees.

[1] https://groups.google.com/d/msg/discuss-webrtc/shcPIaPxwo8/F...


Codes are intentionally single use, to limit the bruteforce vector. And only two peers can connect any given time currently. It would be interesting to figure out how to make it work with more than 2 peers!

