3

How do DVCS (Github, BitBucket, etc...) ensure private project code integrity?

Sure, the companies claim no intellectual rights when you upload your code to their online repositories, but how is the privacy of the project ensured so that only the people with write/commit access to such repositories can actually view the data?

What happens if you decide to, let's say, move your project to a private server or another host? Will your project be "deleted" or only "removed" from the public index?

How can you be sure that the CEO of the company where you host your project will not be able to view your data?

Do these companies go through some sort of regular certification? Or this whole deal based on trust and understanding?

user1254893
  • 527
  • 3
  • 13

3 Answers3

5

Unless those providers explicitly mention offering encrypted repos (which Assembla alludes to here, but it could only refers to https encryption), you don't have 100% guarantee.

The only way to add that level of security would be to pursue a User controlled end-to-end encryption, leveraging git's smudge/clean filter driver:

smudge clean filter driver

See "Transparent Git Encryption":

User controlled end-to-end encryption solves the problem:
Before data is pushed to the remote repository to store, it is encrypted with an encryption key which is known only to the data owner itself. Management of the encryption key(s) and the encryption/decryption processes is always tedious and easy to get wrong.
In the following, we shall demonstrate how to use Git with encryption in a way transparent to the end user.

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Does Mercurial have that sort of functionality? – user1254893 May 13 '12 at 09:59
  • @JuozasDomarkas Not that I know of: there is an experimental extension though: http://stackoverflow.com/a/3073083/6309 – VonC May 13 '12 at 10:02
  • 2
    @JuozasDomarkas: Sure, we have the same kind of filter system between working directory and the respository. See the [decode/encode filters](http://www.selenic.com/mercurial/hgrc.5.html#decode-encode). – Martin Geisler May 13 '12 at 10:13
2

As VonC says, they don't ensure anything more than promising you that only admins have access to your data.

Some hosting sites may talk about how they encrypt data on disk. That makes sense if we're talking about a laptop that might physically end up in the wrong hands, but it makes less sense for a disk sitting in a data center. The problem is that the services that run on the machine must have access to the unencrypted data and so the volume will typically be mounted when the service is running. So the encryption wont protect the data any longer and you're back to normal operating system access control.

If you really want, you can of course run all data through the decode/encode filters for Mercurial or use the equivalent filters for Git. That means that you save encrypted data at the hosting site, but you lose most of the advantages of sites like GitHub or Bitbucket. You can no longer

  • browse the code online in a meaningful way
  • review pull requests
  • offer tarball downloads
  • etc.

So I wouldn't recommend such an approach — if your data is so sensitive that you cannot host them online, then you should setup your own internal server. There I can recommend Kallithea which supports both Git and Mercurial.

Martin Geisler
  • 72,968
  • 25
  • 171
  • 229
  • It's more about intellectual property rights than information sensitivity, but hey, that's important for me. – user1254893 May 13 '12 at 10:21
  • @JuozasDomarkas: The intellectual property rights are already handled by the terms you agree to when hosting. As you noted, they sites wont claim to own the stuff you host there — that would be stupid. You asked who they ensure that the CEO cannot look at your stuff and I explained that they don't ensure this. – Martin Geisler May 15 '12 at 10:50
0

As far as I know, the whole deal is based on trust, understanding, and the desire for you to not to sue them to death.

Neil Forrester
  • 5,101
  • 29
  • 32
  • a government agency can request your code and the company can give up the code without being sued – gsk May 05 '13 at 20:12