4. In Phase 4 we get into better authentication for multiple devices in various ways: IT admins, SSO, cross-signing.
Reproducible builds make the most sense together with open source, of course. And it's of value even if nobody is constantly verifying the builds. Simply the point that they could mitigates the vector of a malicious build server. Source-level backdoors are certainly not addressed.
You can prove the build server isn't compromised, but you can't prove you're not trying to hide a backdoor, right? So users still have to trust you, and you could get the same benefit from getting a third party to privately repro the build for you...
Reproducible builds prove that the code you’re reviewing is the code that is being distributed and nothing else. They’re generally only useful in situations where you both don’t trust the vendor at all but believe you can gain trust in the code base through code review.
That said, having done a few code reviews that required this in the past, it was surprising what came up. For example, third-party libraries that were coming from the build box that no one knew were included, being given the wrong code by mistake, etc.
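The two threads above make the same practical point: a reproducible build only lets an independent party compare their own build against the distributed artifact if the packaging step is free of machine-specific noise, and the check itself is just a digest comparison. The following is an added example, not code from anyone in the thread; it uses a constructed two-file sample project and simulates two independent build machines whose checkouts differ only in file modification times. The naive packager embeds those timestamps, so its archives diverge; the normalised packager pins mtime, ownership and entry order, so both builds hash identically and a verifier can compare a local rebuild against a published digest.

```python
import hashlib
import hmac
import io
import os
import tarfile
import tempfile


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def naive_archive(src_dir: str) -> bytes:
    """Package the tree the way a default tar invocation does: listing order,
    real mtimes, real uid/gid. Two machines will not produce the same bytes."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in os.listdir(src_dir):
            tar.add(os.path.join(src_dir, name), arcname=name)
    return buf.getvalue()


def reproducible_archive(src_dir: str) -> bytes:
    """Package the tree with every machine-specific field normalised: sorted
    traversal, fixed mtime (SOURCE_DATE_EPOCH style), fixed owner and mode."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tar:
        for root, dirs, files in os.walk(src_dir):
            dirs.sort()  # deterministic descent order
            for fname in sorted(files):
                path = os.path.join(root, fname)
                info = tar.gettarinfo(path, arcname=os.path.relpath(path, src_dir))
                info.mtime = 0
                info.uid = info.gid = 0
                info.uname = info.gname = ""
                info.mode = 0o644
                with open(path, "rb") as fh:
                    tar.addfile(info, fh)
    return buf.getvalue()


def verify_against_published(published_sha256: str, artifact: bytes) -> bool:
    """The check a third party runs: does my independent rebuild match the
    digest the vendor published for the distributed artifact?"""
    return hmac.compare_digest(published_sha256, sha256(artifact))


def _write_tree(root: str, mtime: int) -> None:
    # Constructed sample project; mtime simulates when this machine checked it out.
    files = {
        "src/main.c": b"int main(void) { return 0; }\n",
        "README": b"constructed sample project\n",
    }
    for rel, data in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)
        os.utime(path, (mtime, mtime))


def demo() -> dict:
    """Build the same source on two simulated machines and compare results."""
    results = {}
    with tempfile.TemporaryDirectory() as build_a, tempfile.TemporaryDirectory() as build_b:
        _write_tree(build_a, 1_600_000_000)
        _write_tree(build_b, 1_600_000_100)  # second builder checked out 100 s later
        results["naive_matches"] = (
            sha256(naive_archive(build_a)) == sha256(naive_archive(build_b))
        )
        published = sha256(reproducible_archive(build_a))  # vendor's published digest
        results["reproducible_matches"] = verify_against_published(
            published, reproducible_archive(build_b)
        )
        results["published_sha256"] = published
    return results


if __name__ == "__main__":
    print(demo())
```

The digest comparison is the whole of what a reproducible build gives a reviewer: it ties the distributed bytes to the source they audited, and nothing more. A backdoor committed to the source tree reproduces perfectly, which is the point the thread makes about source-level backdoors.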
Exactly. And a configuration or data file could control the backdoor behavior, too, even if not a 'code' update. I'm not convinced there's a defensible threat model here at all. So the web platform isn't *worse*, ...

I’m sad we disagree. :(