Verify the identity of developers
Posted Apr 6, 2024 16:53 UTC (Sat) by farnz (subscriber, #17727)
In reply to: Verify the identity of developers by smurf
Parent article: A backdoor in xz
When xz started, and indeed when most of the open source that's now "critical infrastructure" started, it was just a hobby project, and not critical. It became critical because it was useful and became used; but that's on the users, not the developers.
Or are you saying that I'm allowed to demand that you go through a very long list of government snoopage because I've used your comment in something critical, and you now owe me big time for my decision to make use of your work?
Posted Apr 7, 2024 2:35 UTC (Sun)
by draco (subscriber, #1792)
Perhaps I don't want the reputational damage of having nation state attacks on my project, so I insist on knowing that the patches I accept are from real, identifiable people from countries I trust.
Maybe nobody contributes to my project, maybe I'm ok with that, maybe some people feel better about my project because of that policy.
Maybe people who don't like that choose to fork it, that's their right, but then they accept the consequences.
Or maybe they do the same thing, but with different trust decisions about who's ok 😂🤷
A variant of this has happened before: DJB is very opinionated about what goes into his software.
Is this a good approach? The proof won't be in any arguments about it, but in what actually happens.
Posted Apr 7, 2024 11:17 UTC (Sun)
by farnz (subscriber, #17727)
But what if you yourself are a nation state attacker? How do I know when I look at something and consider using it that you're trustworthy? How do I as a potential user get you to jump through my hoops that confirm that you are a real, identifiable person from a country I trust?
And remember that for a lot of contributions, I can see that they're safe by review; why would I demand anything from a contributor when it's obvious to me that the change is good as-is? For code where I can't completely review it, I need some degree of trust, but where I can review in full, why would I put you through a barrage of trust checks just to go 'yep, I can see that changing "correct. the system" to "correct. The system" is a good change to make'?