Re: Git haas gone wild (Rust)

From: Sulev-Madis Silber <freebsd-hackers-freebsd-org952_at_ketas.si.pri.ee>
Date: Mon, 08 Sep 2025 15:02:48 UTC

On September 8, 2025 4:57:34 PM GMT+03:00, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:
>Chris Torek writes:
>
>
>> > ... some projects are composed of 100 different components downloaded live
>> > from god knows which mitm'ed mirror and compromised repo with no sha512
>> > taken of anything
>> >
>> > js seems to be king in that. but also go
>> >
>>
>> Both Go and Rust have mechanisms to deal with security issues here.
>
>They only protect (somewhat) against the security issues that can
>arise during transmission.
>
>They provide no protection against the far more common risk, that
>one or more dependencies amongst the far too many, are supplied by
>hostile entities who are more than capable of decorating their
>malware with the cryptographic stickers required to pass the
>mechanisms you mention.
>

Yeah, if we go that path...

How to protect from that anyway?

I have made and used malware earlier in my life, in my teen years. I just used common components. The key was in what the code actually did.

There would be no protection from this.

I recently wondered how I could possibly distribute code that I can't make bad changes to, only good changes? Or perhaps have an audit trail.

So, if I want to modify code, or am perhaps required to do so, either by (death) threats that could be "legal" (by a "good" nation state, for whatever nice (fight crime) / "nice" (fight "crime" (violate human rights)) reason) or "illegal" (like (organized) crime), how to make users aware of this?

So I could just say I have it in place and modification will show up. Perhaps this could protect me from anyone ever trying.

I don't know any good ways. But then I know there are smarter guys (or not) here.

Once that is solved, this also fixes the on-the-way compromises: storage, distribution, transmission, build, bin dist, bin long term store, etc...

The best I could come up with is offline code signing, but that's not rubber hose cryptanalysis proof, let alone other attack proof.

Any mathematical way to solve this man-made problem?
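One concrete shape the "audit trail" idea in the message above can take, as an added example that is not part of this thread and not anyone's project code: a hash chain over published release artifacts, where each entry commits to the previous entry's hash and users pin the head they last verified. Assumptions made here: a fixed all-zero genesis value, JSON-canonicalised metadata, and constructed sample artifacts standing in for real releases.

```python
"""Tamper-evident release log: a hash chain over release artifacts.

Added example, not code from the mailing-list thread. Every entry commits
to the previous entry's chain hash, so a user who pinned an earlier head
can check that a newer log is a pure extension of what they saw; any
rewrite of already-published history changes the head and is rejected.
All artifacts and metadata below are constructed sample values.
"""
import hashlib
import json

GENESIS = b"\x00" * 32  # assumed fixed starting value for the chain


def _entry_hash(prev_hash: bytes, artifact: bytes, meta: dict) -> bytes:
    """Chain hash = SHA-256(prev || SHA-256(artifact) || canonical metadata)."""
    h = hashlib.sha256()
    h.update(prev_hash)
    h.update(hashlib.sha256(artifact).digest())
    h.update(json.dumps(meta, sort_keys=True, separators=(",", ":")).encode())
    return h.digest()


def build_log(releases):
    """Build the log from an ordered list of (artifact_bytes, meta) pairs.

    Each published entry carries the artifact digest and the chain hash, so a
    verifier needs only the published bytes, never the maintainer's state.
    """
    entries = []
    prev = GENESIS
    for artifact, meta in releases:
        chain = _entry_hash(prev, artifact, meta)
        entries.append({
            "meta": meta,
            "artifact_sha256": hashlib.sha256(artifact).hexdigest(),
            "chain": chain.hex(),
        })
        prev = chain
    return entries


def verify_log(entries, artifacts):
    """Recompute the chain from GENESIS over the downloaded artifacts.

    Returns (ok, head_hex). ok is False if any artifact digest or chain hash
    disagrees with what the corresponding entry claims.
    """
    prev = GENESIS
    for entry, artifact in zip(entries, artifacts):
        if hashlib.sha256(artifact).hexdigest() != entry["artifact_sha256"]:
            return False, prev.hex()
        chain = _entry_hash(prev, artifact, entry["meta"])
        if chain.hex() != entry["chain"]:
            return False, prev.hex()
        prev = chain
    return len(entries) == len(artifacts), prev.hex()


def extends_pinned(entries, artifacts, pinned_len, pinned_head):
    """Check that a newer log is an append-only extension of a pinned prefix.

    A user who saved (length, head) from an earlier download rejects a log
    whose first `pinned_len` entries no longer hash to `pinned_head`, i.e. a
    rewritten history, even when every new entry is individually well formed.
    """
    ok, _ = verify_log(entries, artifacts)
    if not ok or len(entries) < pinned_len:
        return False
    if pinned_len == 0:
        return True
    return entries[pinned_len - 1]["chain"] == pinned_head


# Constructed sample releases (not real software).
RELEASES = [
    (b"#!/bin/sh\necho v1\n", {"version": "1.0", "note": "initial"}),
    (b"#!/bin/sh\necho v2\n", {"version": "1.1", "note": "bugfix"}),
    (b"#!/bin/sh\necho v3\n", {"version": "1.2", "note": "new feature"}),
]


def demo():
    """Pin a 2-entry head, accept an honest extension, reject a rewrite."""
    artifacts = [a for a, _ in RELEASES]
    log_two = build_log(RELEASES[:2])
    ok, pinned_head = verify_log(log_two, artifacts[:2])  # user pins (2, head)
    log_three = build_log(RELEASES)
    honest_extension = extends_pinned(log_three, artifacts, 2, pinned_head)

    # Whoever controls publishing quietly swaps the already-released 1.1 artifact.
    rewritten = list(RELEASES)
    rewritten[1] = (b"#!/bin/sh\necho v2 plus surprise\n", RELEASES[1][1])
    bad_log = build_log(rewritten)
    bad_artifacts = [a for a, _ in rewritten]
    rewrite_detected = not extends_pinned(bad_log, bad_artifacts, 2, pinned_head)
    return ok and honest_extension and rewrite_detected


if __name__ == "__main__":
    print("audit trail checks pass:", demo())
```

What this does and does not give you: anyone holding an earlier head can tell that published history was rewritten, which is the "modification will show up" property the message asks for, and the check depends on published bytes rather than on trusting the publisher. It says nothing about whether a new, correctly chained entry is a good change, so the coerced-maintainer case is only narrowed to "the change is visible and permanent in the record". In practice the head is also published to independent witnesses (the transparency-log pattern), so the pinned value does not live solely with the person who could be pressured.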