search

romanz / trezor-agent

Hardware-based SSH/GPG/age agent
GNU Lesser General Public License v3.0
563 stars 152 forks source link

Risk of pip Typosquatting attack #468

Open 444B opened 9 months ago

444B commented 9 months ago

NOTE: This repository lacks a security.md file. It is highly suggested to create and detail one, detailed here

Issue Summary:

A lack of naming consistency and a lack authoritative documentation of pip packages for devices and agents generates a risk of typosquatting attacks
A malicious actor may create an alternative python package and take advantage of individuals who mistype or are tricked into using a malicious yet functionally identical pip package

Evidence

https://github.com/romanz/trezor-agent/blob/master/doc/README-Windows.md#2-install-the-agent

Minimum Determined Fix(s)

1) Update the above documentation to state clearly the correct name of pip packages for each device
2) a review of the pip packages and which may be malicious in nature, by typosquatting
3) claiming all slash and underscore package names, to permanently prevent typosquatting for current models

444B commented 9 months ago

@SlugFiller for visibility (author of document)

SlugFiller commented 9 months ago

The correct list of packages appears in the main page, here. Copy and pasting it on every document, and keeping all the copies up to date, would be both redundant and difficult (and also error-prone). Also, I recall there was a discussion about it, and most of the packages appear in both forms. I should also mention that typosquatting is not the only form supply chain attack possible.

Besides, the entire model of hardware wallets is to assume a compromised computer. If a malicious package tries something funny, you have your device to protect you.