In prior reports Internet Explorer was the crucial vulnerability.
I've no sympathy for anyone who uses IE, certainly not any corporate IT that does. Merely click on a link to an infected website, and there goes all your other protections.
Changing the hashes? Not so easy.
1) Every commit includes references to the corresponding state of its file tree, as well as its parent commit(s). Change any of the files or the parent hashes, and suddenly the child commit becomes an orphan, or fails to find its file tree. Unless you hack the child commit as well. And then you have to hack its children, and so on, right down through the entire repository. You can’t just tell one lie, you have to tell a whole lot of lies.
2) Git is a distributed version-control system. That means that everybody has their own copy of the entire repository. You may be able to change one copy, but how do you hack into everybody’s machines to change them all? But if one is changed and another is not, then you’re going to set off alarm bells as soon as somebody tries to pull or push patches between them, and finds it failing because things that are supposed to match up, don’t.
@Lawrence D'Oliveiro so all you have to do is get access to the system and change the hash according to your changes to the code, that's not so impossible is it?
This is why Git attaches an SHA-1 hash to every single object in the repository. Change one bit of any object, and the SHA-1 hash will no longer be the same. But every object is referred to by its hash. So if the hash doesn’t match, you’re going to get pretty obvious errors trying to follow those references, and you’ll notice that something is wrong.
Which is not to say you can’t fake history with Git (it even provides the tools to make it easy), but you cannot hide the fact that you have done so.
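An added illustration of the hash chain described in the comments above (the two numbered points and the SHA-1 explanation); it is not part of the original thread. It computes Git-style object ids with plain `hashlib`, and the file name `auth.c`, the file contents and the author identity are constructed sample values.

```python
import hashlib

def git_object_id(kind, body):
    """SHA-1 over '<kind> <size>\\0' + body, which is how Git names every object."""
    return hashlib.sha1(f"{kind} {len(body)}".encode() + b"\0" + body).hexdigest()

def tree_id(entries):
    """Tree of regular files: '100644 <name>\\0' + raw 20-byte blob id, sorted by name."""
    body = b"".join(
        b"100644 " + name.encode() + b"\0" + bytes.fromhex(blob)
        for name, blob in sorted(entries.items())
    )
    return git_object_id("tree", body)

def commit_id(tree, parents, message):
    """A commit names its tree and its parent(s) by hash, so both feed into its own id."""
    who = "Example Dev <dev@example.invalid> 1262304000 +0000"  # constructed identity
    lines = [f"tree {tree}"] + [f"parent {p}" for p in parents]
    lines += [f"author {who}", f"committer {who}", "", message, ""]
    return git_object_id("commit", "\n".join(lines).encode())

def build_history(file_versions):
    """One commit per version of the single file 'auth.c'; returns commit ids in order."""
    ids, parents = [], []
    for n, content in enumerate(file_versions):
        blob = git_object_id("blob", content)
        cid = commit_id(tree_id({"auth.c": blob}), parents, f"revision {n}")
        ids.append(cid)
        parents = [cid]
    return ids

def first_divergence(a, b):
    """Index of the first commit whose id differs between two copies of a history."""
    return next((i for i, (x, y) in enumerate(zip(a, b)) if x != y), None)

# Constructed sample: the same three revisions, with revision 1 altered in one copy.
ORIGINAL = [b"check(pw);\n", b"check(pw); log();\n", b"check(pw); log(); audit();\n"]
TAMPERED = [ORIGINAL[0], b"check(pw) || skip(); log();\n", ORIGINAL[2]]

if __name__ == "__main__":
    good, bad = build_history(ORIGINAL), build_history(TAMPERED)
    for n, (g, b) in enumerate(zip(good, bad)):
        print(n, g[:12], b[:12], "same" if g == b else "DIFFERENT")
    print("copies diverge at revision", first_divergence(good, bad))
```

Revision 2 has identical file content in both copies, yet its commit id differs because its parent's id changed; that mismatch is what a second clone of the repository would surface.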
Source code (IP) "...the crown jewels". Ummm, news flash - this code, like most, probably was outsourced a couple times over. The crown jewels of America were already and continue to be silently (and knowingly) pissed away every day.
CNN reports that an Atlanta-based company is saying the Chinese Google hack was done by amateurs on a low budget:
http://edition.cnn.com/2010/BUSINESS/03/03/china.google.study/
Your data is safe in the cloud.