T3chFest 2019

Alina Matyukhina

How to protect your privacy in open-source projects

Mar 2019

Open-source software is open to anyone by design, whether it is a community of developers, hackers or malicious users. Authors typically hide their identity through nicknames and avatars, however they have no protection against authorship attribution techniques. By using the authorship attribution method today it becomes possible to create links between binaries originating from the same group of authors (Black Hat USA 2015 “Big Game Hunting: The Peculiarities of Nation-State Malware Research”) or find stylistic fingerprints in the source code (DEFCON 26/2018 “De-anonymizing Programmers from Source Code and Binaries”). This technique, however, may be used in threatens to chill the free speech (contribution) of software developers activists. Such chilling effect can be seen in several cases, in which developers being treated as individuals of suspicion, intimidated by authorities and/or persuaded into removing their software from the Internet.


0 comment