[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Watermarking checkouts

From: Erik Anderson <erikba_at_teamworkgroup.com>
Date: 2005-08-19 19:30:20 CEST

Actually, it sounds like this "watermarking" needs to be something less
visible to the user. If the user has 99% of the source code but needs
that last 1% to compile it, he can still release that 99% of the source

It sounds like what is being requested is something like movie scripts do
sometimes. I know that some Star Trek scripts had one starbase change its
number in every script, so that if one was leaked they could go check the
starbase number in that particular copy of the script and figure out about
where it came from.

I don't believe that there are any hook scripts available to filter a
file's contents as it is being checked out though.

-----Original Message-----
From: Russ Lewis [mailto:webmaster@villagersonline.com]
Sent: Friday, August 19, 2005 10:24 AM
To: John Tyler; users@subversion.tigris.org
Subject: Re: Watermarking checkouts

Perhaps you release a copy of the code that won't build (or perhaps not
run) without a single, key component. Then you distribute that
component through a non-SVN mechanism. Perhaps a private/public key
pair, with the private key buried in a precompiled .o?

As you noted, this won't help you find the serious, dedicated,
knowledgable hacker, but it will discourage casual release and/or help
you track down accidental releases.

John Tyler wrote:

>We have a desire/requirement:
>- to be able to determine which checkout a particular
>binary was built from
>- that this occur without the knowledge of the user
>who did the checkout
>- that any changes required to make this occur be
>server-side, not client-side
>Clearly such a mechanism is going to be fragile; a
>user who has worked out that such a mechanism is in
>use is probably going to be able to find the change
>and undo it (or at least mangle it to frustrate
>correct identification). Its intended use is solely to
>increase the odds of being able to catch out a user
>who has disclosed confidential information (sourcecode
>to unpublished software in this case), should this
>I suspect that this request will cut against the grain
>for many developers, open-source or otherwise, and
>apologise for any offense that the it causes.
>Nonetheless, the situation that we are in is what it
>is, any assistance is appreciated.
>Do You Yahoo!?
>Tired of spam? Yahoo! Mail has the best spam protection around
>To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>For additional commands, e-mail: users-help@subversion.tigris.org

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

  • application/x-pkcs7-signature attachment: smime.p7s
Received on Fri Aug 19 19:42:29 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.