I absolutely disagree, real world compromises of build servers prove that. Red Hat have had to blacklist packages attackers have managed to sign before, e.g. https://www.redhat.com/security/data/openssh-blacklist.html …
Yep, I guess we do disagree on this. I don't see a significant difference in attack surface to build and package signing infra, which already regularly gets popped and that's good enough to defeat FDE today. Where do you see the difference?
-
-
Show me Apple, Google or Microsoft signing infra getting popped regularly and maybe I’ll believe you that it a regular occurrence in related systems. Even then layering the changes to accommodate frequency of access and associated authentication problems is massively different.
-
I don't follow, Microsoft build infra was just recently popped?
- 22 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.