Date: Tue, 15 Apr 2025 23:28:49 -0700 (PDT) From: Don Lewis <truckman@FreeBSD.org> To: Sulev-Madis Silber <freebsd-hackers-freebsd-org952@ketas.si.pri.ee> Cc: freebsd-hackers@freebsd.org Subject: =?iso-8859-7?Q?Re=3A_Issues_I=A2ve_had_with_Void?= Message-ID: <tkrat.056362af222436c4@FreeBSD.org> In-Reply-To: <26047592-1D58-47E2-B570-4AAED11B1C48@ketas.si.pri.ee> References: <ABE881EE-1B3B-4F91-8E56-91F28A9291AC@paige.bio> <26047592-1D58-47E2-B570-4AAED11B1C48@ketas.si.pri.ee>
index | next in thread | previous in thread | raw e-mail
On 16 Apr, Sulev-Madis Silber wrote: > concern about getting backdoors info fbsd? > > lets think like criminal here > > it doesn't matter if contribution is anon or not. you could do both > anyway > > as far as i know, i can't recall any cases like this here. maybe there > are hidden ones. feel free to correct > > sadly there's nothing much one can do. it might still fall through > cracks. there are number of things one can do here to mitigate the > results. easiest would be to not run the same code everywhere. there > are different versions of fbsd that could be used. this also catches > accidental bugs. past that you need different oses. with different > oses you also need different libs. and this only makes it harder for > attack to succeed. but it's pretty hard always > > so unsure if any changes would need to be made. it would be > ridiculously hard to verify all and this would essentially "ddos" the > whole thing > > funnily, the recent unannounced ports system change around *kmod* > ports versioning got my attention. turned out to be legit change > > then i mentioned to one port maintainer that changing up stream files > could be compromise too > > now imagine if ports-upstream or base coder did this on purpose. > pretty hard > > but i don't think that selfies with passports would help here. also > don't forget that there are legit reasons for anonymity. there are > weird states on this planet, etc. sure, same could have interest in > hacking too > > but yeah. sadly, i wish fbsd would be more popular. but then, all bad > things come along too! i would still try to make fbsd more popular > tho, just too good to let them scare me > > if successful attack would go through, just remove the code and the > attacker. and don't really blame one who got it in. similar to > libarchive case > > fbsd is imho partially protected by it's pace. that's a drawback too. > if you push the pace, you get mistakes. i've seen many happen in fbsd > too. the problem was the pace, it has no name or face. in cba > resulting changes were good. but yeah i frown on this. someone got > annoyed i recall but that want never intent. idea was to keep quality. > i have questioned the way the libxo or wg got in, for example. good > ideas. way and pace, well... > > but yes, all those concerns are actually valid and worth to think > about every so often > > both accidental bugs and deliberate attacks perspective > > > > On April 16, 2025 2:40:07 AM GMT+03:00, paige@paige.bio wrote: >>How high of a standard is there for contributions to the core >>components of FreeBSD (ie not ports) ? >> >>In my mind you guys would require some info about the contributor, as >>in somebody with a real name as opposed to a gamer tag right? >> >>I¢m just kinda pissed off at the sorry ass way some linux distros have >>handled accountability and attribution, but particularly Void. My >>sense is, with FreeBSD it matters a lot given the investment of the >>people I know who have contributed to it over the years, I¢m sure they >>would like to believe this still matters and it¢s too important to >>allow contributions that can¢t be definitively attributed to a real >>person. >> >>I get with ports it¢s a bit different, and that the Linux kernel is >>not void. As a matter of fact I have a mirror of the ports distfiles >>(at least about 400gb of them) and it¢s scary to think about but it¢s >>at least a little less scary to me than the way Void handles package >>management because I feel like somebody is willing to endorse at least >>the core part of FreeBSD. >> >>Idk I guess I'm just starting to realize how much people don¢t learn >>from some mistakes. A couple of years ago when sshd got backdoored, it >>was incredible to think that the attacker actually used coercive >>tactics, and I¢m sure a lot of people were shaken by it but it just >>seems apparent to me that there are much simpler opportunities for >>attacks against various Linux distributions. >> >>ÓôÜëèçêå áðü ôï iPhone ìïõ > It's also possible to Trojan the compiler or other parts of the toolchain. Done skillfully, it could silently propagate to new compiler releases. https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdfhelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?tkrat.056362af222436c4>