Re: Revival of the signed debs discussion
On Tue, Dec 02, 2003 at 01:17:58PM +0100, Goswin von Brederlow wrote:
> Tom <firstname.lastname@example.org> writes:
> > What precautions are taken that the DD actually signed it with the DD's
> > private key?
> > Set aside the possibility that the DD herself is actually the attacker.
> You never can. But once the compromise or the DD is found out, it would
> be easy to scan the archive for possibly compromised packages, audit
> the sources and rebuild the binaries.
Thanks for the frankness; I was asking the question pointedly. But if
you fix the problem after it occurs, the damage is done.
Closed source companies have ways of dealing with social engineering
aspects (people wear badges; secure sources on isolated networks,
security guards, threats of firing people, smart cards for SSH/VPN).
I worked at Microsoft for 3 years and did some work with the security
guys. The main branch of NT is about 70 GB. They have a policy that any
code has to be on an encrypted file system. If your laptop gets stolen
with NT code on it, you get fired. If you leave your laptop in your car
or check it on your airplane, you get fired.
The point of my question is: what can open source do that is comparable?
It seems especially relevant considering the other thread about
establishing Enterprise Debian.
My nagging is just to provoke thought in the community. I don't have