[tor-bugs] #6521 [Tor Sysadmin Team]: air gap the build machine

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue Aug 7 00:14:53 UTC 2012


#6521: air gap the build machine
-------------------------------+--------------------------------------------
 Reporter:  cypherpunks        |          Owner:     
     Type:  enhancement        |         Status:  new
 Priority:  critical           |      Milestone:     
Component:  Tor Sysadmin Team  |        Version:     
 Keywords:                     |         Parent:     
   Points:                     |   Actualpoints:     
-------------------------------+--------------------------------------------

Comment(by mikeperry):

 Given that we don't really have a physical office other than where Andrew
 gets snail mail, where would we store these machines to keep them safe?
 How do we authenticate people who get to have physical access? What
 happens when those people travel but an emergency security issue is found?

 Also, what about malware that infects the USB storage devices used to
 transfer source code onto the airgapped machine?

 I think deterministic reproducible builds are the clear winner over
 airgapped machines, and are also likely to actually be less effort in
 total.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6521#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list