Ah. But that’s a capability that degrades rapidly. And if every latest version is riddled with new bugs, eventually you’ll ring people’s alarms.
-
-
I suspect you and
@natashenka are wizards with decompilers, and so perhaps working with them does not add the 50x overhead it would add to me. But does it add any overhead? If so, repro builds should eliminate that. -
50x -> 5000x realistically :)
- 12 more replies
New conversation -
-
-
Aren't reproducible builds focusing more on dependency tracking (a build X uses library in version Y.Z) than on security itself?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
OK, but I'm guessing you still use an OS that has regular security updates of bugdoor-equivalent vulnerabilities? So the point remains, right? There would be no penalty for getting caught shipping a bugdoor.