[tor-bugs] #6521 [Tor Sysadmin Team]: air gap the build machine
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Aug 7 00:14:53 UTC 2012
#6521: air gap the build machine
-------------------------------+--------------------------------------------
Reporter: cypherpunks | Owner:
Type: enhancement | Status: new
Priority: critical | Milestone:
Component: Tor Sysadmin Team | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------------+--------------------------------------------
Comment(by mikeperry):
Given that we don't really have a physical office other than where Andrew
gets snail mail, where would we store these machines to keep them safe?
How do we authenticate people who get to have physical access? What
happens when those people travel but an emergency security issue is found?
Also, what about malware that infects the USB storage devices used to
transfer source code onto the airgapped machine?
I think deterministic reproducible builds are the clear winner over
airgapped machines, and are also likely to actually be less effort in
total.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6521#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list