Like you... I am also curious what the Tails devs have to say about all this... however I suggest following the principle of least authority/privilege!
https://en.wikipedia.org/wiki/Principle_of_least_privilege Why not just use peer review + gpg signed git release tags? Are you saying that a US hosted git repo will be able to counterfeit git commits even if you use gpg signed git release tags?... if so then I don't know what else to suggest. I fail to see what a non-US hosted git repo would protect against... and I am also somewhat unfamiliar with the concept of a physically secure location (secure against drone attacks or other armed police/military actions or what? Is there such a place?)... Give everyone git access with ssh because ssh 0-days are more expensive to purchase than TLS 0-days? On Thu, Jun 5, 2014 at 12:52 PM, Bill Cox <[email protected]> wrote: > Sorry to bug this list again about non-tails development, but I wish to work > with several developers on a fork of TrueCrypt this summer. We have an > interesting problem that you guys may know a lot about. > > How can we develop secure code when any one of us might be secretly > attempting to insert a back door? Also, how can we develop the code in a > secure environment without having to worry that someone other than us has > modified all our git repositories without our knowledge? Currently, we just > have a couple of repos on github, which is probably foolish. What steps to > you guys take to securely develop Tails? > > The process I'm thinking about would be something like: > > - Set up a git server off-shore, running in a physically secure location, > with only one system admin that hopefully we can trust (wont be me - I'm in > the US) > - Give everyone git access only, using ssh keys. > - Every code update should be reviewed by every developer > > Is this the right track? Is it enough? I am beginning to understand why > the original TrueCrypt devs decided to be anonymous. If "they" don't know > what your up to, "they" probably wont interfere. We're trying to do this > development without any anonymous developers. > > Thanks, > Bill > > _______________________________________________ > Tails-dev mailing list > [email protected] > https://mailman.boum.org/listinfo/tails-dev > To unsubscribe from this list, send an empty email to > [email protected]. _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
