A Carnegie Mellon preprint shows that an attacker without the signing key can turn any signed commit into a second, content-identical commit that still earns a "Verified" badge and a different hash. The author says Git and GitHub have not fixed it.
I’m a little confused by what this is saying. It seems that you can create a basically identical commit with a different signature and thus a different (hashed) ID.
So basically you can take a Signature S1 and produce a valid Signature S2 over the same data that is not identical.
This doesn’t seem like a very useful exploit primitive to me. Not nothing, but doesn’t seem like a big deal. I feel like I am misunderstanding something.
A green “Verified” badge on GitHub is supposed to mean that a trusted author signed it, and its ID is a one of a kind fingerprint for that exact code. Turns out that the second promise of a unique fingerprint does not hold. It matters because security teams and package systems behind tools like Go, Nix, and GitHub Actions trust that ID as a unique handle for code. An attacker can reissue the same signed code under a fresh ID that’s still verified to slip past.
I don’t understand. Why does having two commit IDs with the exact same code cause problems.
A green “Verified” badge on GitHub is supposed to mean that a trusted author signed it
The author did sign it. It is the exact same code.
An attacker can reissue the same signed code under a fresh ID that’s still verified to slip past.
To split past what? At best it seems that they would be able to have a different ID for the exact same code, which seems harmless? Slightly confusing at worst.
Nix also doesn’t use PGP signatures, it requires a separate hash of the resulting commit (the files with the .git directory stripped by default).
sounds like the author thinks because their purist definition is violated its a problem vs it actually being a problem. im in the same boat as you. I dont see the issue with the commit hash changing long as the code doesnt change.
I’m a little confused by what this is saying. It seems that you can create a basically identical commit with a different signature and thus a different (hashed) ID.
So basically you can take a Signature S1 and produce a valid Signature S2 over the same data that is not identical.
This doesn’t seem like a very useful exploit primitive to me. Not nothing, but doesn’t seem like a big deal. I feel like I am misunderstanding something.
A green “Verified” badge on GitHub is supposed to mean that a trusted author signed it, and its ID is a one of a kind fingerprint for that exact code. Turns out that the second promise of a unique fingerprint does not hold. It matters because security teams and package systems behind tools like Go, Nix, and GitHub Actions trust that ID as a unique handle for code. An attacker can reissue the same signed code under a fresh ID that’s still verified to slip past.
I don’t understand. Why does having two commit IDs with the exact same code cause problems.
The author did sign it. It is the exact same code.
To split past what? At best it seems that they would be able to have a different ID for the exact same code, which seems harmless? Slightly confusing at worst.
Nix also doesn’t use PGP signatures, it requires a separate hash of the resulting commit (the files with the .git directory stripped by default).
Right, it’s not a serious exploit which would allow changing code, but it does allow compromising integrity because changing the id mutates history.
sounds like the author thinks because their purist definition is violated its a problem vs it actually being a problem. im in the same boat as you. I dont see the issue with the commit hash changing long as the code doesnt change.