|
|
|
|
|
|
by stelfer
1977 days ago
|
|
|
> So how do we guard against this type of attack? Looks like they compromised the editor. If so, then I imagine checking checksums for each component of the toolchain would work. Though if they compromised the filesystem or runtime then that would complicate things. But still, a hash tree or certificate of the OS and toolchain as part of CI would seem to be a good idea in 2021. |
|
|