[Tails-dev] Secure development process?

Delete this message

Reply to this message
Author: Bill Cox
Date:  
To: tails-dev
Subject: [Tails-dev] Secure development process?
Sorry to bug this list again about non-tails development, but I wish to
work with several developers on a fork of TrueCrypt this summer. We have
an interesting problem that you guys may know a lot about.

How can we develop secure code when any one of us might be secretly
attempting to insert a back door? Also, how can we develop the code in a
secure environment without having to worry that someone other than us has
modified all our git repositories without our knowledge? Currently, we
just have a couple of repos on github, which is probably foolish. What
steps to you guys take to securely develop Tails?

The process I'm thinking about would be something like:

- Set up a git server off-shore, running in a physically secure location,
with only one system admin that hopefully we can trust (wont be me - I'm in
the US)
- Give everyone git access only, using ssh keys.
- Every code update should be reviewed by every developer

Is this the right track? Is it enough? I am beginning to understand why
the original TrueCrypt devs decided to be anonymous. If "they" don't know
what your up to, "they" probably wont interfere. We're trying to do this
development without any anonymous developers.

Thanks,
Bill