Matthew Garrett (mjg59@nondeterministic.computer)'s status on Monday, 01-Apr-2024 16:02:23 JST
There really is no simple answer to the xz case. We can reduce dependencies, we can strengthen sandboxing, we can make it harder for dependencies to inject code. But fundamentally we still depend on the idea that our dependencies are trustworthy, and the only real way to guarantee that is to have strict examination of every single line of code.
Matthew Garrett (mjg59@nondeterministic.computer)'s status on Monday, 01-Apr-2024 16:02:33 JST
English police assumed false identities and infiltrated activist groups and even had children with members of those groups with the backing of the state; what kind of "real name" policy would have prevented that? There's a degree to which reputation associated with an online identity is important, but there's no evidence that trying to tie that to any kind of government-issued ID improves anything - and there's no inherent reason to believe that an established identity is trustworthy.
Matthew Garrett (mjg59@nondeterministic.computer)'s status on Monday, 01-Apr-2024 16:02:41 JST
I love that Debian discovered both the failure of crowdsourcing a web of trust via keysigning parties (someone used ID in their name but issued by a fake country) and the failure of assuming upstream is trustworthy (an upstream buried code that wouldn't trigger on the Debian maintainer's system but would everywhere else) back in the 2000s, but the free software ecosystem is still trying to come up with social solutions to a technical problem.
Matthew Garrett (mjg59@nondeterministic.computer)'s status on Monday, 01-Apr-2024 16:11:26 JST
@GossiTheDog I've been the security lead for a security-critical Linux deployment in a giant corporation, and I literally cannot envisage a way we could have caught this without rearchitecting the entire OS, up until the point where it was actively exploited against us.