1 |
On Wed, Sep 17, 2014 at 07:21:08AM -0400, Tim Boudreau wrote: |
2 |
> If someone wants to commit malicious code into Gentoo, they're far more |
3 |
> likely to take the ugly but pragmatic approach of, say, forcing someone to |
4 |
> commit malicious code at gunpoint and then shooting them, than to go to the |
5 |
> vast effort it would take to come up with malicious code that conveniently |
6 |
> has the same SHA-1 hash as an existing commit. |
7 |
|
8 |
But... what's the point? Upload ugly backdoor to all Gentoo users? (like |
9 |
there're 0,01% of computer users out there?) It would be easier to just |
10 |
gunpoint "the interesting user" or torture him for |
11 |
keys/passwords/whatever in some creepy basement. This looks like someone |
12 |
has a really bad fantasy about Gentoo ruling the world where every bad |
13 |
guy/terrorist/younameit uses this super-secured-gpged-git-portage (and |
14 |
looking at "Snowden files" all this is already exploited ;). |
15 |
|
16 |
|
17 |
Piotr Szymaniak. |
18 |
-- |
19 |
... wyobrazenie, ze ludzkosc zmierza ku jakiemus naprawde milemu |
20 |
przeznaczeniu, jest bajka dla dzieci ponizej szostego roku zycia, jak |
21 |
Dobra Wrózka, Zajaczek Wielkanocny i Sw. Mikolaj. |
22 |
-- Kurt Vonnegut, "Hokus Pokus" |