From owner-freebsd-current@freebsd.org  Sat Jan  2 10:27:57 2021
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id CF9644CA717
 for <freebsd-current@mailman.nyi.freebsd.org>;
 Sat,  2 Jan 2021 10:27:57 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com
 [IPv6:2a00:1450:4864:20::536])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4D7J4Y1GFxz3hv0
 for <freebsd-current@freebsd.org>; Sat,  2 Jan 2021 10:27:56 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: by mail-ed1-x536.google.com with SMTP id g24so21903711edw.9
 for <freebsd-current@freebsd.org>; Sat, 02 Jan 2021 02:27:56 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to;
 bh=gNV5SIjrCHezQvqnxKdaA8dWeQayKOB2H2UGgBzRCYc=;
 b=nqB9WmyvO7FT9oGPPjjNaj4lcQkbCg3xeEvOJ1a+rTltQ5bCI5hfxt1dEzoM/iRy44
 dipJ6QUmSX4LKxZktF0+e1cuNzKsMxNemEUBmMUAhy4aSRg4apy7xOVM8FTktgfyIR/E
 1SV681KU7/SlbSCXoIoNHcj1pchc0Y2xlL8lSpX4hJ2qCY29EAoC1rZCHdnDBSrTV1Vm
 2SnR1r4/eaSDsDLE30E2eQD3eHL8m5k0LaPV9x17Uzzup9H8aY9Tu07V6frXotdbewrP
 gWuV5JHlClqDMEyk0uuUkuuyokx8ho9rs7zVLr5q05Lk/6NOy4Gpy/ZtWLFhPgi4MyTe
 ev4Q==
X-Gm-Message-State: AOAM531aXuy1Rb5CFq+WVxAGODeUPZ8sCMUDQw+FCUUh0angTyIp0csp
 ZYyRmDgH1sXvCJV/5hfs+oF2nkaDcu6nOWgktHQRB/ULyla3iw==
X-Google-Smtp-Source: ABdhPJwPxfu4GZ4jguUKoSO9nugL+6/0Sp8hRpPTEpcsloiHY7Pkl8PjezVZjIeyxP855xdCOzWLocjZyIP7Os0XvLg=
X-Received: by 2002:a05:6402:7d7:: with SMTP id
 u23mr61806140edy.325.1609583275256; 
 Sat, 02 Jan 2021 02:27:55 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a54:3d8d:0:0:0:0:0 with HTTP;
 Sat, 2 Jan 2021 02:27:54 -0800 (PST)
In-Reply-To: <60082.1609572957@critter.freebsd.dk>
References: <20201223162417.v7Ce6%steffen@sdaoden.eu>
 <20201229011939.GU31099@funkthat.com>
 <20201229210454.Lh4y_%steffen@sdaoden.eu>
 <20201230004620.GB31099@funkthat.com>
 <CAD2Ti2-4xS5n0+1oLOHyFh4+OCnwtNAAwMkkWzwRVDnt-xmb1Q@mail.gmail.com>
 <20201231193908.GC31099@funkthat.com>
 <CAD2Ti2-dKMOx2-k71UyZs1kAGCXPuVwO9ee861oRFNV=aCfuqA@mail.gmail.com>
 <20210101140857.x3hbci6c4nwi7gl7@mutt-hbsd>
 <slrnruv17k.rlr.naddy@lorvorc.mips.inka.de>
 <CAKBkRUy_MJDpROVbX=MhvHvdBJTEaYU83cHMHaqsEDcLX4KKRw@mail.gmail.com>
 <20210102021254.35o3snqb5fcvmbt3@mutt-hbsd>
 <60082.1609572957@critter.freebsd.dk>
From: grarpamp <grarpamp@gmail.com>
Date: Sat, 2 Jan 2021 05:27:54 -0500
Message-ID: <CAD2Ti2-9gsLXv0DqbBfn6K=Ded+My1grYpwV3EAKf8mW_V=baA@mail.gmail.com>
Subject: Re: HEADS UP: FreeBSD src repo transitioning to git this weekend
To: freebsd-current@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 4D7J4Y1GFxz3hv0
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-4.00 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com];
 R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36];
 TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+];
 RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::536:from];
 FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
 DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000];
 MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org];
 RCPT_COUNT_ONE(0.00)[1];
 SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::536:from:127.0.2.255];
 RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::536:from];
 RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[];
 MAILMAN_DEST(0.00)[freebsd-current]
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Jan 2021 10:27:57 -0000

> No amount of cryptography can or will protect against that.

Though it can help attribute that to a source,
else ignore rainbow books and go back to telnet,
root password 'root', CVS, no backups, logs, etc.

> As interesting as this thread has been (not!)

Contrare.
Equally as interesting as thread's and
other details, is how to attend that too.
Luck playing guess the mole and trying to
SF-86 and p2p everyone only goes so far.
Stronger layered yet is a [change] audit group,
selected randomly and randomly rotated through,
all who must approve.
And to provide alt eyes and counter self project bias,
a review trade market with other OS projects denominated
in LOC [fair weighted by spaghetti and doc ratios].
Pay for more coverage by foundation holding back
1/4 of its crypto donations and mining as investment.

Defense in depth.

Have fun.