Steve,

On Tue, Feb 8, 2011 at 3:39 PM, Steve Pinkham <steve.pink...@gmail.com> wrote:
> On 02/08/2011 12:04 PM, NetSam-trklisted wrote:
>> I have seen nothing but issues with SF.net lately. If you look at some of
>> the underground zines you have seen SF.net getting attacked often last year
>> with some scary results. I second recommending an alternative source code
>> hosting scenario.
>
> Git gives every dev a cryptographically signed, full backup of all data
> that cannot be modified without others noticing.  Source code protection
> is built in to git.  It's one of the main reasons I'm so bullish on git.
> There's also tons of other benefits I've already enumerated.

:D

> All end user releases should be GPG signed.

That's a great idea! I'll add it to my TODO list and we'll integrate
that into the package build process.

> All hosts can be and will be compromised.  w3af (and all projects) need
> to not be dependent on the security of their hosts.

Agreed,

> --
>  | Steven Pinkham, Security Consultant    |
>  | http://www.mavensecurity.com           |
>  | GPG public key ID CD31CAFB             |
>
>
> ------------------------------------------------------------------------------
> The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
> Pinpoint memory and threading errors before they happen.
> Find and fix more than 250 security defects in the development cycle.
> Locate bottlenecks in serial and parallel code that limit performance.
> http://p.sf.net/sfu/intel-dev2devfeb
> _______________________________________________
> W3af-develop mailing list
> W3af-develop@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/w3af-develop
>
>



-- 
Andrés Riancho
Director of Web Security at Rapid7 LLC
Founder at Bonsai Information Security
Project Leader at w3af
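
Added example, not part of the original thread and not w3af or git project code: it recomputes git object IDs with Python's hashlib to show why a change made on the hosting server is visible to anyone holding an older clone. Every commit ID hashes its tree and its parent's ID, so altering one commit changes the ID of every later commit. The file name, author line and snapshot contents are constructed for illustration.

```python
import hashlib

def git_object_id(kind, body):
    """Name an object the way git does: SHA-1 over '<kind> <size>\\0' + body."""
    return hashlib.sha1(f"{kind} {len(body)}".encode() + b"\x00" + body).hexdigest()

def tree_id(files):
    """Flat tree of regular files: 'mode name\\0' + raw 20-byte blob id per entry."""
    body = b""
    for name in sorted(files):
        blob = bytes.fromhex(git_object_id("blob", files[name]))
        body += b"100644 " + name.encode() + b"\x00" + blob
    return git_object_id("tree", body)

def commit_id(tree, parent, message):
    """A commit hashes its tree id and its parent's id, chaining the history."""
    who = "Dev <dev@example.org> 1297180800 +0000"  # constructed identity
    lines = [f"tree {tree}"]
    if parent:
        lines.append(f"parent {parent}")
    lines += [f"author {who}", f"committer {who}", "", message]
    return git_object_id("commit", ("\n".join(lines) + "\n").encode())

def history_ids(snapshots):
    """Commit ids for an ordered list of (files, message) snapshots."""
    ids, parent = [], None
    for files, message in snapshots:
        parent = commit_id(tree_id(files), parent, message)
        ids.append(parent)
    return ids

def first_divergence(mine, theirs):
    """Index of the first commit whose id differs, or None if histories match."""
    for i, (a, b) in enumerate(zip(mine, theirs)):
        if a != b:
            return i
    return None if len(mine) == len(theirs) else min(len(mine), len(theirs))

# Constructed sample: a developer's clone versus a host where commit 2 was altered.
CLONE = [({"scan.py": b"print('v1')\n"}, "initial"),
         ({"scan.py": b"print('v2')\n"}, "update"),
         ({"scan.py": b"print('v3')\n"}, "release")]
HOST = [CLONE[0], ({"scan.py": b"print('v2')  # altered on host\n"}, "update"), CLONE[2]]
CLONE_IDS, HOST_IDS = history_ids(CLONE), history_ids(HOST)

if __name__ == "__main__":
    for mine, theirs in zip(CLONE_IDS, HOST_IDS):
        print(mine[:12], theirs[:12], "ok" if mine == theirs else "MISMATCH")
    print("first divergent commit index:", first_divergence(CLONE_IDS, HOST_IDS))
```

The third commit has identical file content on both sides, yet its ID still differs because the parent ID it hashes has changed.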
