On Sun, Sep 8, 2013 at 1:42 AM, Tim Newsham <tim.news...@gmail.com> wrote:

> Jumping in to this a little late, but:
> >  Q: "Could the NSA be intercepting downloads of open-source
> > encryption software and silently replacing these with their own
> versions?"
> >  A: (Schneier) Yes, I believe so.
> perhaps, but they would risk being noticed. Some people check file hashes
> when downloading code. FreeBSD's port system even does it for you and
> I'm sure other package systems do, too.   If this was going on en masse,
> it would get picked up pretty quickly...  If targeted, on the other hand,
> it
> would work well enough...

But is the source compromised in the archive?

It think we need a different approach to source code management. Get rid of
user authentication completely, passwords and SSH are both a fragile
approach. Instead every code update to the repository should be signed and
recorded in an append only log and the log should be public and enable any
party to audit the set of updates at any time.

This would be 'Code Transparency'.

Problem is we would need to modify GIT to implement.

Website: http://hallambaker.com/
The cryptography mailing list

Reply via email to