From 3aa8b1dd6e0f504ef83da99f8c9cdb2532f948f5 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 13 Sep 2020 23:10:21 +0000 Subject: Initial conversion pass --- raw-wiki-dump/AlphaSealedBags.md | 62 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100644 raw-wiki-dump/AlphaSealedBags.md (limited to 'raw-wiki-dump/AlphaSealedBags.md') diff --git a/raw-wiki-dump/AlphaSealedBags.md b/raw-wiki-dump/AlphaSealedBags.md new file mode 100644 index 0000000..e99dbca --- /dev/null +++ b/raw-wiki-dump/AlphaSealedBags.md @@ -0,0 +1,62 @@ + +## Chain of custody + +At present, we can't make any statements at all about the integrity of the hardware before it reached us - assembled and ready. + +We test and program the Alphas using a dedicated computer, but not in a secure facility by any means. +A concerned user is advised to reprogram the firmware with binaries built from source. + +To provide some assurance the devices have not been tampered with after they have been programmed we put them in sealed bags with individual serial numbers. + +As the model of bags might change over time, we will publish photos of the bags used here as well as PGP signed statements for what serial numbers can be expected. +At this time, we do not keep records of which exact unit was sent to whom. + + + +This is a picture of the currently used bags: + +[[Image(Alpha_tamper_bag_2016-12-16.png, 640px)]] + + + +``` +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA512 + +At 2016-12-16, I put Cryptech Alpha units into sealed bags with the +following serial numbers: + + 26 0 027 233 507 + 26 0 027 233 508 + 26 0 027 233 509 + 26 0 027 233 510 + 26 0 027 233 511 + 26 0 027 233 512 + 26 0 027 233 513 + 26 0 027 233 514 + 26 0 027 233 515 + 26 0 027 233 516 + 26 0 027 233 517 + 26 0 027 233 518 + 26 0 027 233 519 + 26 0 027 233 520 + 26 0 027 233 521 + 26 0 027 233 522 + 26 0 027 233 523 + 26 0 027 233 524 + 26 0 027 233 525 + 26 0 027 233 526 + +/Fredrik +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQEcBAEBCgAGBQJYU/MVAAoJEBmMGv1QUVLd+2gH/jLZ7aUGlZ+Iwj6b746Hh6u1 +2JAZ+2tk5tRooTwNb4A5P3ewRcbjA0jPJQQlpVqZcxdt0DDjS16AR0LEaH2rWL++ +sj/OtBm5rqAmVcf1NNvzpC8f8WWgRYhx4nNhWKnEcTBQXT9NbFQhQY0WH3ebupnn +8PK0mX8PpfsjM/3vxtVVLmi+vBsxv0hBcdl+t4IPw/UbzozicF6jZpxRXxVujTE6 +WLGXaCnySS4T1zgtpewfgVMOMouGScUw5n2yHRZJpissGUVJtuPrOEmNFvDz7LRD +i00Rc4i2emsKTgKrkMIKyQWSqFIQ1nBUQ5B5ES1Q50432cppbyEW2rJJZjAuxgM= +=s2D5 +-----END PGP SIGNATURE----- +``` -- cgit v1.2.3