The Integrity Of The Orbit Codebase

Discovering malicious changes

The integrity of the Orbit codebase is first and foremost verified through git, which disallows any rewriting of versioning history without explicit consent. This means that any malicious changes to the codebase must be applied on top of the current history, making the likelihood of a reviewer discovering the change almost a certainty.

The signing procedure

Orbit Online is using a code-signing scheme where every change is cryptographically signed with a key that resides on a physical YubiKey. This ensures a form of 2FA since said key is impossible to read from the YubiKey. Instead, the YubiKey itself performs the signing procedure.

Read more about Orbit Security Mechanisms & Procedures

Data encryption policy

User access to Orbit

Manage permissions in Orbit

Integration of external services

Personnel access to Orbit

Handling Security Exploits & Incidents

Isolation of components