Oddbean new post about | logout
cloud fodder | 1 years ago (raw) | root | parent | reply | flag 
 Ya I was thinking about this... we could do independent audits.. but probably would need to be done by someone who doesn't run a relay?  Ie, I could verify you, but then it'd be fishy if you verified me lol.. 🤔
cloud fodder | 1 years ago (raw) | root | parent | reply | flag +1 
 Basically, we could give non-superuser ssh access to one of the security folks that we trust, so that they could at any time, ssh in and verify the logs are not being kept.  Then they publish what they find periodically.  Kind of like how companies do independent security audits.
il_lost_ | 1 years ago (raw) | root | parent | reply | flag 
 What about this? https://audgit.ai/
cloud fodder | 1 years ago (raw) | root | parent | reply | flag +1 
 Auditing the code is not enough, we would need to audit the state of the server since most of these servers allow ssh access the state of the system can be changed at any time by an operator.
nobody | 1 years ago (raw) | root | parent | reply | flag 
 An even further issue is that in the case of allowing an auditor in, it would expose secrets as well.
nobody | 1 years ago (raw) | root | parent | reply | flag 
 This is cool, but yeah, it’d have to be combined with something to audit to deployment as well.