Yes but *why*? You're already building them and you already trust the developer, why does it matter? It seems like just being open source is enough.
-
-
How is compromised code signing key abuse mitigated currently?
-
You don't need a code signature if you built it from source. You already know the binary came from the source code you have to trust anyway?
- 5 more replies
New conversation -
-
-
no, you *cannot do that*. You're assuming everyone has Google-scale build power. That is simply not the case. A world where you're required to build yourself to know that the binary you've gotten is as secure as the code suggests would be less secure – because the world would
-
hardly be able to do that amount of builds, so either opt to not update, or trust blindly.
End of conversation
New conversation -
-
-
Repro builds benefit the people who *don't* want to build from source themselves in defending against compromised signing keys, because others will discover the compromised signing key via repro build mismatch and report it.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.