It doesn't matter - you *have* trusted binaries, you were going to build them anyway. Codesigning is only relevant for people who don't have trusted binaries, but do have a vendor they trust, right?
-
I'd actually be interested if you're also disagreeing with David A. Wheeler's thesis on countering trusting trust (especially sec. 4.6, 6, 8.8 & 8.9), which makes use of reproducible builds: https://dwheeler.com/trusting-trust/ It also considers compromise of build env other than the compiler.
-
The only claim I'm disagreeing with is that build reproducibility prevents backdoors. People are claiming that it can detect tainted output from *trusted* but compromised build infra, and they're correct. I'm saying that you can already do that today.
-
You've done plenty of IR, surely you've had to ask "where did this binary come from?" in many different ways. Software supply chain is a little complex to discuss here, but I really recommend catching up with the folks on the EIP team that work on this.