once_aphysicist's avatar
once_aphysicist 4 months ago
Just presented my 2 hr hackathon project at #btcpp privacy edition, Riga!
GitHub
GitHub - feuplebian/git-futz: Fuzz Git commit timestamps to improve privacy
Fuzz Git commit timestamps to improve privacy. Contribute to feuplebian/git-futz development by creating an account on GitHub.
 With the recent attacks on developers of cypherpunk software bythe state and other malicious actors, developer privacy is becoming more important. So I developed a command-line tool to fuzz location and time information from your unpublished git commit messages before you push your commits to a public branch. Comments and suggestions welcome :)

Replies (7)

once_aphysicist's avatar
once_aphysicist 4 months ago
This project ended up winning, I'm overwhelmed! ๐Ÿ˜ฌ
once_aphysicist's avatar once_aphysicist
Just presented my 2 hr hackathon project at #btcpp privacy edition, Riga!
GitHub
GitHub - feuplebian/git-futz: Fuzz Git commit timestamps to improve privacy
Fuzz Git commit timestamps to improve privacy. Contribute to feuplebian/git-futz development by creating an account on GitHub.
 With the recent attacks on developers of cypherpunk software bythe state and other malicious actors, developer privacy is becoming more important. So I developed a command-line tool to fuzz location and time information from your unpublished git commit messages before you push your commits to a public branch. Comments and suggestions welcome :)
View quoted note →
2 replies โ†“
DanConwayDev's avatar
DanConwayDev _@danconwaydev.com 4 months ago
This is cool. A few years ago l, all my commits had a start of day timestamps but pgp signing yubikey and qubes proxy got in the way so I stopped.
once_aphysicist's avatar once_aphysicist
Just presented my 2 hr hackathon project at #btcpp privacy edition, Riga!
GitHub
GitHub - feuplebian/git-futz: Fuzz Git commit timestamps to improve privacy
Fuzz Git commit timestamps to improve privacy. Contribute to feuplebian/git-futz development by creating an account on GitHub.
 With the recent attacks on developers of cypherpunk software bythe state and other malicious actors, developer privacy is becoming more important. So I developed a command-line tool to fuzz location and time information from your unpublished git commit messages before you push your commits to a public branch. Comments and suggestions welcome :)
View quoted note →
1 replies โ†“
once_aphysicist's avatar
once_aphysicist 4 months ago
Thanks for bringing up signing. That's indeed another source of privacy leak. I'll have to think about how to approach this :) I think what we need is unattended signing, or probably more likely, batch signing (sign once no matter how many commits) ๐Ÿค”
DanConwayDev's avatar
DanConwayDev _@danconwaydev.com 4 months ago
This is really cool idea. A few years ago I experiemented with some shell aliases to mess with the commit dates. I gave up as a pgp signature comes with its own date so this needs to be manipulated too and I had an obsure signing setup.
2 replies โ†“
DanConwayDev's avatar
DanConwayDev _@danconwaydev.com 4 months ago
here were my shell aliases: ``` shellAliases = { git-today = '' env GIT_AUTHOR_DATE="`date -I`T00:00:00" env GIT_COMMITTER_DATE="`date -I`T00:00:00" git''; git-month = '' env GIT_AUTHOR_DATE="`date +%Y-%m-01`T00:00:00" env GIT_COMMITTER_DATE="`date +%Y-%m-01`T00:00:00" git''; git-last-month = '' env GIT_AUTHOR_DATE="`date +%Y-%m-01 -d '-1month'`T00:00:00" env GIT_COMMITTER_DATE="`date +%Y-%m-01 -d '-1month'`T00:00:00" git''; }; ```
โ†‘