Matthew Garrett

16.1K Followers · 168 Following · 6.2K Posts
Former biologist. Actual PhD in genetics. Security at Nvidia, OS security teaching at https://www.ischool.berkeley.edu. Blog: https://codon.org.uk/~mjg59/blog . He/him.
Blog: https://codon.org.uk/~mjg59/blog
Signal: @mjg.59
@hyc you appear to be responding to something I didn't say
@hyc if you can look at sysv init scripts and think "This is the reasonable outcome of a thoughtful design process" then we are so far apart in matters of taste that there's no point in further discussion
@hyc as long as you're not having to pipe it through awk first because the tools all use entirely incompatible formats
Blog post about my #bsidessf talk on using SSH certificates for git signing: https://codon.org.uk/~mjg59/blog/p/ssh-certificates-and-git-signing/
SSH certificates and git signing

When you’re looking at source code it can be helpful to have some evidence indicating who wrote it. Author tags give a surface level indication, but it turns out you can just lie and if someone isn’t paying attention when merging stuff there’s certainly a risk that a commit could be merged with an author field that doesn’t represent reality. Account compromise can make this even worse - a PR being opened by a compromised user is going to be hard to distinguish from the authentic user.

[Link preview: Matthew Garrett's Blog, "Git commit signing: The good bits (and the bad ones)"]

[Link preview: Google Docs, "Practical (and impractical) git commit signing", Matthew Garrett <[email protected]>]
I'm at #bsidessf and a little later this afternoon (3:50) I'll be in theatre 9 giving a talk on git signatures and why you should use SSH certificates

If I were the subject of an English High Court order that included the text:

"Under paragraph 11(a) of this Order the First Defendant is prohibited from publishing further words that bear the following meanings, or similar defamatory meanings:
(1)The Claimant has abused, harassed and blackmailed many individuals online."

I would simply not publish further words that bore that meaning or a similar defamatory meaning

@shiz nothing stopping someone else solving the same set of problems tbh
Resolved thanks for everyone's help
Having the core infrastructure for Linux distros be written with a coherent set of design goals instead of being 200 independent projects that can only interoperate via shell scripts parsing and piping output is good, actually