My friend Miron Cuperman, a software entrepreneur here in San Francisco, recently launched an interesting information security initiative called Gitian. The motivation is to eliminate software distributors as a single point-of-failure for malicious code injection. Here is Miron’s blog post which summarizes the initiative:

Operation Aurora (Google’s compromise by China) highlights the possibility that software distributions may be targeted for code injection by malicious parties. If Apple, Microsoft or Linux distributors are compromised, a large percentage of individuals, businesses and governments could be consequentially compromised when they install software updates.

One way to mitigate such a risk is to have multiple independent security auditors sign software distributions. This is more likely to be successful in an open-source environment, where source is available and can easily be inspected. I started such an initiative in late 2009 – Gitian.org.

When Miron told me about the initiative, I asked him to outline some specific failure scenarios to better illustrate what the initiative is meant to protect against, which he did here. The Gitian site is here. In his blog post, Miron also points out that a deterministic build system is necessary to implement the security measures he is promoting, and that before he implemented Gitian, he had never run across one, even though it is relatively straightforward to create.