Which part don't you have? The packaging is one more command, no?
What you seem to be missing is that you can get all the same security benefits *today* without having to spend millions developing new build systems. Do you agree we're just not seeing attackers produce tainted binaries from trusted but compromised build servers?
-
-
how, by having each endpoint build the code itself? aside from being impractical, that also doesn't provide the same assurance that they're all running good binaries. re: your q, absence of evidence isn't evidence of absence, and no, i do not agree. e.g. https://theintercept.com/2015/03/10/ispy-cia-campaign-steal-apples-secrets/ …pic.twitter.com/qDVLl7B1MI
-
Each endpoint could build, or you can get someone you already have to trust to build it for you, which is how it works today. That seems to be working pretty well, as you have to really stretch to provide any examples of it not working, correct?
- 6 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.