Protestware
Definition
Protestware refers to software that has been intentionally altered by its developer to express a political or social protest. This can involve adding code that disrupts functionality, displays messages, or otherwise modifies the behavior of the software in a way that aligns with the developer’s protest goals. Such changes can pose security risks if they introduce vulnerabilities or unexpected behaviors in the software.
Secure Settings Example
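# Example of a secure CI/CD pipeline configuration that verifies software integrity
stages:
  - verify

verify:
  stage: verify  # bind the job to the stage declared above
  script:
    - echo "Verifying software integrity..."
    # Compare each listed file against its recorded SHA-256 digest
    - sha256sum -c checksums.sha256
    # Check the detached signature over the release archive
    - gpg --verify software-release.sig software-release.tar.gz
  only:
    - main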
Insecure Settings Example
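# Example of an insecure CI/CD pipeline configuration that does not verify software integrity
stages:
  - deploy

deploy:
  stage: deploy  # bind the job to the stage declared above
  script:
    - echo "Deploying software without integrity checks..."
    # The archive is unpacked with no checksum or signature check
    - tar -xzf software-release.tar.gz
  only:
    - main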
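The two configurations above can be combined so that the `tar -xzf` step only runs after the digest check succeeds. The following is an added example, not part of the original page: it also fails when the manifest has no entry for the archive, a case `sha256sum -c` passes silently because it only checks the files the manifest lists. The function name `verify_and_extract` and its arguments are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): gate extraction on a pinned digest.
# verify_and_extract and its three arguments are hypothetical names.

# verify_and_extract ARCHIVE MANIFEST DESTDIR
# Return codes: 0 verified and extracted, 1 digest mismatch,
#               2 missing input file, 3 archive not listed in the manifest.
verify_and_extract() {
    archive=$1
    manifest=$2
    dest=$3

    [ -f "$archive" ] && [ -f "$manifest" ] || {
        echo "missing archive or manifest" >&2
        return 2
    }

    name=$(basename "$archive")

    # Look up the digest recorded for this exact file name. sha256sum writes
    # "DIGEST  NAME" in text mode and "DIGEST *NAME" in binary mode.
    expected=$(awk -v n="$name" '$2 == n || $2 == "*" n { print $1; exit }' "$manifest")
    [ -n "$expected" ] || {
        echo "no pinned digest for $name: refusing to extract" >&2
        return 3
    }

    actual=$(sha256sum "$archive" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $name: refusing to extract" >&2
        return 1
    fi

    # Extraction is reached only after the digest check has passed.
    mkdir -p "$dest" && tar -xzf "$archive" -C "$dest"
}
```

In the pipeline, `verify_and_extract software-release.tar.gz checksums.sha256 ./release` takes the place of the bare `tar -xzf` step. The digest in `checksums.sha256` should be one recorded when the release was reviewed, because a checksum published alongside a release that its own developer altered will still match.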