You now have two bit-for-bit identical binaries, one you trust and one you don't and therefore know they're both safe. I'm saying, who cares about the vendor supplied one? Just use the one you built, and it doesn't matter if it was reproducible or not.
Hmm, you don't agree build reproducibility *has* to have separate build infra to even be relevant? Otherwise the attacker can just modify source code, for example.
I think reproducibility has to have separate systems running the builds, but not necessarily the project's own infra. For me the focus is on detectability. Modified source will be found because people will eventually look at the source. For modified binaries that's not the case.
Again I'm aware that I'm probably not stating things as clearly as I'd like to currently. I might try again tomorrow.