Date: Sat, 02 Jan 2021 07:35:57 +0000 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: Li-Wen Hsu <lwhsu@freebsd.org>, Christian Weisgerber <naddy@mips.inka.de>, freebsd-current <freebsd-current@freebsd.org> Subject: Re: HEADS UP: FreeBSD src repo transitioning to git this weekend Message-ID: <60082.1609572957@critter.freebsd.dk> In-Reply-To: <20210102021254.35o3snqb5fcvmbt3@mutt-hbsd> References: <20201223162417.v7Ce6%steffen@sdaoden.eu> <20201229011939.GU31099@funkthat.com> <20201229210454.Lh4y_%steffen@sdaoden.eu> <20201230004620.GB31099@funkthat.com> <CAD2Ti2-4xS5n0%2B1oLOHyFh4%2BOCnwtNAAwMkkWzwRVDnt-xmb1Q@mail.gmail.com> <20201231193908.GC31099@funkthat.com> <CAD2Ti2-dKMOx2-k71UyZs1kAGCXPuVwO9ee861oRFNV=aCfuqA@mail.gmail.com> <20210101140857.x3hbci6c4nwi7gl7@mutt-hbsd> <slrnruv17k.rlr.naddy@lorvorc.mips.inka.de> <CAKBkRUy_MJDpROVbX=MhvHvdBJTEaYU83cHMHaqsEDcLX4KKRw@mail.gmail.com> <20210102021254.35o3snqb5fcvmbt3@mutt-hbsd>
next in thread | previous in thread | raw e-mail | index | archive | help
As interesting as this thread has been (not!), let me remind everybody that the cheapest, easiest and most efficient and profitable way for a Nation State Actor to trojan the FreeBSD code-base, is to assign an employee to a deniable job, and have them become a FreeBSD committer. No amount of cryptography can or will protect against that. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?60082.1609572957>