On Sat, May 03, 2014 at 02:51:43PM -0400, Nathan Freitas wrote:
>
> On May 2, 2014 8:46:08 PM EDT, Griffin Boyce <grif...@cryptolab.net>
> wrote:
>
> > On 2014-05-02 20:35, Andrew Cady wrote:
> >
> > > On Fri, May 02, 2014 at 05:22:11PM -0400, Griffin Boyce wrote:
> > >
> > > > I can't be vanned/rubber-hosed because I don't actually know the
> > > > password to my Google developer account.
> > >
> > > If you can upload code -- with or without a password -- then
> > > you can be forced to upload malicious code (assuming you are
> > > vulnerable to vans and rubber hoses).
> >
> > As could someone at Microsoft, Apple, or Canonical.  My current
> > system fails closed pretty hard, even in the case of, say, someone
> > breaking into my apartment.  The benefit of the project being
> > open-source is that such a change wouldn't go unnoticed.  And it's
> > trivial to fetch the extension code from Google and compare it.
>
> Automated distributed deterministic build comparisons FTW!
>
> Seriously, it seems like we are pretty close with such a thing for
> Android APKs, so perhaps Chrome extension bundles could be added to
> the list, as well.

Certainly, deterministic builds serve a valid and useful security
purpose.

However, they do nothing to protect against the threat of "rubber hose"
attacks on a developer, because in such cases, it is not the binary, but
the source that is compromised.

As far as Chrome extensions, they are written in JavaScript, so
deterministic builds are inapplicable anyway.
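The check Griffin describes above, fetching the published extension bundle and comparing it against the open-source tree, is easy to automate. The following is an added example and not code from anyone in this thread: it hashes every file in two unpacked directory trees and reports what is missing, what the store added, and what differs. The sample trees are constructed inline so the script runs offline; the file names in them (manifest.json, background.js, the store-added _metadata entry) are assumptions for illustration. Note the caveat from the reply above: a clean comparison shows that the published bundle matches the source that was uploaded, not that the source itself was written freely.

```python
import hashlib
import os
import tempfile


def hash_tree(root):
    """Map each relative file path under root to its SHA-256 hex digest."""
    digests = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            h = hashlib.sha256()
            with open(full, "rb") as f:
                for chunk in iter(lambda: f.read(65536), b""):
                    h.update(chunk)
            digests[rel] = h.hexdigest()
    return digests


def compare_trees(expected_root, actual_root):
    """Compare a reference tree (your source checkout) with a fetched bundle.

    Returns sorted lists of paths that are missing from the fetched bundle,
    unexpected (present only in the fetched bundle) and changed (same path,
    different content).
    """
    expected = hash_tree(expected_root)
    actual = hash_tree(actual_root)
    return {
        "missing": sorted(p for p in expected if p not in actual),
        "unexpected": sorted(p for p in actual if p not in expected),
        "changed": sorted(
            p for p in expected if p in actual and expected[p] != actual[p]
        ),
    }


def write_files(root, files):
    """Materialise a {relative_path: bytes} mapping under root."""
    for rel, data in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as f:
            f.write(data)


def demo():
    """Constructed sample: a source checkout versus a bundle fetched from the store."""
    source = {
        "manifest.json": b'{"name": "example", "version": "1.0"}\n',
        "background.js": b"console.log('hello');\n",
        "lib/util.js": b"export const x = 1;\n",
        "README.md": b"# example\n",  # docs are not shipped in the bundle
    }
    fetched = {
        "manifest.json": b'{"name": "example", "version": "1.0"}\n',
        # one line differs from the source checkout: this is what the diff must catch
        "background.js": b"console.log('hello');\nconsole.log('extra');\n",
        "lib/util.js": b"export const x = 1;\n",
        # store-added metadata, constructed here; expected noise to whitelist, not a change
        "_metadata/verified_contents.json": b"{}\n",
    }
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dl:
        write_files(src, source)
        write_files(dl, fetched)
        return compare_trees(src, dl)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

In practice you would point `compare_trees` at a fresh checkout of the tagged release and at the unzipped CRX from the store, then whitelist the store's own metadata directory; anything left in `changed` or `unexpected` is what a reviewer needs to look at.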
-- 
Liberationtech is public & archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.