Author: Bill Cox
Date:
To: tails-dev
Subject: [Tails-dev] Secure development process?

Sorry to bug this list again about non-tails development, but I wish to
work with several developers on a fork of TrueCrypt this summer. We have
an interesting problem that you guys may know a lot about.

How can we develop secure code when any one of us might be secretly
attempting to insert a back door? Also, how can we develop the code in a
secure environment without having to worry that someone other than us has
modified all our git repositories without our knowledge? Currently, we
just have a couple of repos on github, which is probably foolish. What
steps do you guys take to securely develop Tails?

The process I'm thinking about would be something like:
- Set up a git server off-shore, running in a physically secure location,
with only one system admin that hopefully we can trust (won't be me - I'm in
the US)
- Give everyone git access only, using ssh keys.
- Every code update should be reviewed by every developer

Is this the right track? Is it enough? I am beginning to understand why
the original TrueCrypt devs decided to be anonymous. If "they" don't know
what you're up to, "they" probably won't interfere. We're trying to do this
development without any anonymous developers.