[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Apso-devel] Hiding revision IDs
From: |
Jeronimo Pellegrini |
Subject: |
Re: [Apso-devel] Hiding revision IDs |
Date: |
Fri, 27 Oct 2006 21:59:19 -0300 |
User-agent: |
Mutt/1.5.13 (2006-08-11) |
On Thu, Oct 26, 2006 at 08:36:12AM -0300, Jeronimo Pellegrini wrote:
> On Thu, Oct 26, 2006 at 01:10:34PM +0200, Ulf Ochsenfahrt wrote:
> > Jeronimo Pellegrini wrote:
> > >This was brought up by Ulf Ochsenfahrt on Monotone-devel.
> > >
> > >Currently, Apso stores encrypted deltas in files whose name
> > >is the revision ID.
> > >
> > >Suppose you're working on project MyBSD, which is a modified version
> > >of the FreeBSD kernel. Then one day you resync with the FreeBSD
> > >tree. This delta from the BSD tree is well-known, and it would
> > >show to an attacker that you are working on a fork of FreeBSD.
>
> My FreeBSD example wasn't good... Suppose it was Xaraya, which is a
> project taht uses Monotone. You'd see the same SHA1 sum in the Xaraya
> tree and in the "secret" tree taht forked Xaraya.
Just a note: I obviously didn't mean anyone should start forking
projects secretly. It was just an example. :-)
J.