<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Sun, Oct 26, 2014 at 5:28 PM, Sandy Harris <span dir="ltr"><<a href="mailto:sandyinchina@gmail.com" target="_blank">sandyinchina@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Various computer-mediated activities may end up in court for a range<br>
of reasons and in many cases log files will be used as evidence.<br>
However for most log file formats, deleting a few lines or adding a<br>
few bogus ones is trivial. Even forging an entire file or large chunk<br>
thereof is not impossible.<br></blockquote><div><br></div><div>There are risks here but crypto hashes of the source tree used to build a software</div><div>product can be published without disclosing the source and any trade</div><div>secrets it might contain. </div><div><br></div><div>One risk is the difficulty of preserving the entire build system and the </div><div>entire process involved. After a couple years the hardware is unlikely</div><div>to be available. An OS snapshot restored opens security issues patched</div><div>between then and now. Some tools like an EMC cloud resource are</div><div>not under control (active and full audit) of customers.</div><div><br></div><div>However make rules could systematically generate strong hashes </div><div>of each file collect them sort compress and generate a hash...</div><div>Generated binary bits are harder to reproduce because some content</div><div>is date and time sensitive... Make and make clean rules can reach </div><div>back a long way in time when deciding to generate an object file.</div><div>The object file set might span multiple compiler releases. I have</div><div>yet to see a makefile that triggers a clean when the compiler changes.</div><div>I have seen engineers do it... </div><div><br></div><div>Ada and some milspec processes try to cover this -- Modula 4? tried </div><div>as well.</div><div><br></div><div>Time is relentless... large projects take time.</div><div><br></div><div>Good question.</div><div><br></div></div><div><br></div>-- <br><div dir="ltr"> T o m M i t c h e l l</div>
</div></div>