How do we defend against dependency-based side-channel attacks at the @securedrop project https://kushaldas.in/posts/defending-against-side-channel-attacks-via-dependencies.html #Python Let me know what you think. #Security
@kushal @securedrop Sounds good. It's roughly what we do for Freenet, though there it's done by gradle witness - and we have a script that can disassemble the release jars and check them against a local build, and the script ignores timestamps: https://github.com/freenet/scripts/blob/master/verify-build#L2
Though nowadays I would prefer to use a Guix setup for this.
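
An added example, not part of the thread and not the Freenet script: a simplified form of the release-versus-local-build check that compares jars entry by entry on the SHA-256 of the uncompressed content, so archive timestamps, entry order and compression settings do not count as differences. It does not disassemble class files; the function names and the sample jars are constructed for illustration.

```python
import hashlib
import io
import zipfile


def jar_digest(jar_bytes):
    """Map entry name -> SHA-256 of the uncompressed content.

    Archive metadata (timestamps, order, compression) is ignored.
    Duplicate entry names are rejected: a dict would silently hide one copy.
    """
    digests = {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.filename in digests:
                raise ValueError(f"duplicate entry: {info.filename}")
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests


def compare_jars(release_jar, local_jar):
    """Report entries that are missing, extra, or different in content."""
    rel, loc = jar_digest(release_jar), jar_digest(local_jar)
    return {
        "only_in_release": sorted(rel.keys() - loc.keys()),
        "only_in_local": sorted(loc.keys() - rel.keys()),
        "content_differs": sorted(n for n in rel.keys() & loc.keys()
                                  if rel[n] != loc[n]),
    }


def build_jar(entries, date_time):
    """Build a constructed sample jar in memory with a fixed entry timestamp."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(zipfile.ZipInfo(name, date_time=date_time), data)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample content, not taken from any real release.
    good = {"META-INF/MANIFEST.MF": b"Manifest-Version: 1.0\n",
            "org/example/Main.class": b"\xca\xfe\xba\xbe-main-v1"}
    bad = dict(good, **{"org/example/Main.class": b"\xca\xfe\xba\xbe-main-v2",
                        "org/example/Extra.class": b"\xca\xfe\xba\xbe-extra"})
    local = build_jar(good, (2024, 6, 1, 12, 0, 0))
    print(compare_jars(build_jar(good, (2024, 1, 1, 0, 0, 0)), local))
    print(compare_jars(build_jar(bad, (2024, 1, 1, 0, 0, 0)), local))
```
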