undefined | Better HN

0 pointsdanpalmer4y ago0 comments

Exactly, that was their point. I suspect there are a lot of software supply chains that are actually compromised, because it's just too easy when this is the standard of software engineering.

It's easy to forget that git for example is not just a big "undo" button, it's a cryptographically secure audit log of all changes made, that allows you to know exactly what software you're actually shipping.

0 comments

bostik4y ago

> cryptographically secure audit log of all changes made, that allows you to know exactly what software you're actually shipping.

To be pedantic: not quite.

Git is certainly a cryptographically secure audit log[ß] but it only tells you what the source code was that went _into_ the build at the time of checkout. You can subvert the process through malice (eg. Solar Winds), through incompetence (eg. off-tree "magic" patching as a build step), or through sheer negligence.

Reproducible and auditable builds are a much harder problem than source code provenance.

ß: from my previous job: once auditors understood what git is, they loved it. They, by their profession, love immutability. Failing that, they consider tamper-evidence a really good second-best.

danpalmerOP4y ago

Of course, I was simplifying this somewhat to make a point. I think git can be a significant part of the solution, but there's a lot more that goes into it.

j / k navigate · click thread line to collapse