I agree that this is a potentially huge problem, but I wouldn't say that they ha... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gspr on June 10, 2022 \| parent \| context \| favorite \| on: Gitsign I agree that this is a potentially huge problem, but I wouldn't say that they had "no way"; thanks to git's distributed natured, surely if N developers got together and verified that their local hashes match up to a certain commit, they could be reasonably sure that those are legitimate.

Gigachad on June 10, 2022 [–]

The hack had happened a while ago. So it would have synced up for everyone. Sure, you might notice, but you very easily wouldn’t.

gspr on June 11, 2022 | [–]

Good point!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact