looks like I'm having some trouble understanding today. I think supply chain attacks are the most effective (i.e. hack the world) and reproducible builds + m of N signatures are a good defense tool.
Those platforms are not designed for that, e.g. on android you would have to install them first. Then why not just use the binaries you built? If you have two devices and *assume* both got the same binary, but then why not *assume* the build is the same and not check?
-
-
Besides, people are arguing for reproducible builds *everywhere*, not for these niche fantasy threat models. I really think the reality is, they're a solution looking for a problem.

-
I tend to agree. My only point was that they may have a (niche) use to allow third party verification of build origins. I’m not sure that’s feasible on any platform *today*, but it’s something you *could* build.
- 5 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.