| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by chefandy 696 days ago

Right-- A busy maintainer sees a weird looking commit-- but it's three lines long, submitted from a known contributor, and the tests pass. It was very carefully planned to be innocuous-looking enough to not trigger any concerns with a casual once-over (oh, it just changes the way an error is printed) and obfuscated enough to not be obviously malicious because of the diff formatting, and submitted by a reliable known contributor. Each piece was designed to make a rigorous code review as unlikely as they could possibly make it.

Sure, that's not how it's SUPPOSED to happen, but I'll eat my hat if at least 95% of people who've approved a PR at some point couldn't have been walked down that path by a dedicated attacker over time. Hopefully this has been enough of a jolt to make that less likely the next time someone tries it.

People often cite death and taxes as the only certainties in life-- we could easily include human fallibility.

1 comments

Bluestein 696 days ago

> People often cite death and taxes as the only certainties in life-- we could easily include human fallibility.

What was it ... 80% of aviation accidents due human error?

chefandy 696 days ago

Sounds about right. Although some number of those could be classified as plane interface errors or process deficiencies, nobody is perfect. Beyond that, in those situations, nobody was deliberately trying to get them to crash the plane!

In the years I worked as a nightclub bouncer, dozens or hundreds of people would try to fool me every night... and sometimes they did! I had a lot of experience foiling them, but they had a lot more time on their hands to scheme whatever thing they were scheming than I had to pay attention to them, individually.

As people pointed out, this was a technically simple attack-- the meat of the attack was psychological and emotional. In practice, particularly smart people are more susceptible to attacks like this because they subconsciously assume they'll catch everything that comes at them, and make a lot of assumptions about the attack vectors of problems based on what they're good at, like the classic XKCD about cryptography vs a wrench.