History-less repository?

Peter Arrenbrecht peter.arrenbrecht at gmail.com
Sat Sep 20 02:08:58 CDT 2008 

On Fri, Sep 19, 2008 at 9:23 AM, Martin Geisler <mg at daimi.au.dk> wrote:
> Kurt Granroth <kurt.mercurial at granroth.com> writes:
>
> Hi Kurt
>
>> I've made significant headway in changing those opinions but am now
>> stuck on an issue that caught me off guard. That is, having the
>> entire history of the repository everywhere makes it "easier" to
>> catastrophically steal company IP (stolen laptops and the like).
>> With CVS or Subversion, you "only" get the current snapshot of code
>> and need access to the central server plus the right authentication
>> to get history and branches and the like. With Hg, it's all there.
>>
>> I'm not convinced that that's as big of a deal as it's made out to
>> be... but that remains as a legitimate worry so I *have* to address
>> it.
>
> From a security standpoint I think your argument should be that
> "stolen snapshot == catastrophic failure" and "stolen history ==
> catastrophic failure".
>
> The first failure is clearly a subset of the second, but even the
> first is unacceptable, and so it doesn't really matter if the second
> is "worse". Make that the principle point and argue that "security" by
> hiding the history is bogus. You want real security.
>
> It is a standard rule in cryptography that you should gather all your
> security in the size of the keys -- it makes the analysis cleaner and
> easier when all you assume is the secrecy of your keys. I think the
> same applies here: put your trust on the harddisk encryption of the
> laptops, make that your core trusted part, and then both failure
> scenarios above are handled.
>
> That said, then there are attemps to bring such shallow clones to
> Mercurial, but mostly because some histories can be so big that it is
> inconvenient to pull all of it. This page has some information:
>
>  http://www.selenic.com/mercurial/wiki/index.cgi/ShallowClone
>

This is just to inform everybody that I plan to pick shallow cloning
up again once I can manage it using the pbranch extension. Then would
be a good time for other interested parties to join the fray. ;)
-parren

More information about the Mercurial mailing list