Hacker News new | past | comments | ask | show | jobs | submit login

But it might need to push new (binary) updates if the master/deploy branches gets updated or a commit contains a specific tag.

As far as I know, only the binary was updated.

I'd be interested to hear, though, how it got compromised after all.

Yeah, that makes sense. Build servers are one of the weakest links in distributing software. That's why this exists and I'm glad it's making progress:


And even if you sign updates, the key management for doing that is usually centralized, which can be bad:


I do not think it was the build server, though. According to this analysis[1], the developer used a different key to sign the build (all Mac apps need to be signed or the default behavior is to reject that App. You can permanently disable this behavior in settings, or just for on app by holding control while opening the App, which a lot users who use transmission probably do because not all legitimate Apps are signed). Anyways, since the app was signed by a third party's certificate (which was approved by Apple), chances are only the website was compromised. If the build server had been compromised, the attack would have had access to the developer's certificate and they would most likely have used that.

[1]: http://researchcenter.paloaltonetworks.com/2016/03/new-os-x-...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact