Not just code quality but, when the product is derived from FOSS and you don't have reason to believe the vendor has ability to upstream bugdoors into the FOSS, significant benefits to the practicality of audit for bugdoors and unintentional added vulns.
Replying to @RichFelker @matthew_d_green and
Sure, and I want a pony. Nobody is going to buy me one though, so why discuss it?
Replying to @taviso @RichFelker and
Honestly, this is all a large log of whataboutisms. Sure, there's bugdoors. Source code is still easier to audit for bugs than binaries. If you don't have reproducible builds, you are left with the binary alone. So, I see a benefit. Complete solution? Nothing ever is.
Replying to @dEnergy_dTime @RichFelker and
Obviously you can have source code without reproducible builds, what a ridiculous thing to say?
Replying to @taviso @dEnergy_dTime and
In practice you *don't* have source code without repro builds. You have approximate source code that differs from the actual source the binary was built from in various ways for various reasons.
Replying to @wiretapped @RichFelker and
First, you need to explain why you want to use that specific binary so badly? Here is what I do if I don't trust a binary: I compile the source code, and use that binary. What is the attack against this system, which works today, that you're trying to solve?
Replying to @taviso @RichFelker and
It's solving the problem that very few people have sufficient resources to build all the binaries for all the software on all of their systems, so in practice nearly everyone must rely on lots of other people's build servers. Without repro builds, every build server is a SPOF.
Replying to @wiretapped @RichFelker and
OK, so there is no security problem that we can't solve today, it's just your *opinion* that your system is better than the one we have, correct?
Replying to @taviso @RichFelker and
The problem we can't solve without repro builds is to be able to answer the question "how do I know this binary is derived from precisely this source code" with something other than "because I trust this SPOF". (And that is useful even if you believe that you control the SPOF.)
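An added illustration of the check @wiretapped is describing (written for this page, not code from anyone in the thread). A zip archive stands in for a build artifact: unless the packaging step honours a fixed SOURCE_DATE_EPOCH, each builder's wall clock (and directory ordering) leaks into the bytes, the digests disagree, and only the original build server can vouch for the artifact; with it, independent rebuilders reach the same digest and can verify the vendor's artifact without trusting that single server. The names `SOURCE`, `build`, `digest` and `verify` are assumptions for this example.

```python
import hashlib
import io
import zipfile
from datetime import datetime, timezone

# Constructed stand-in for a source checkout: path -> file contents.
SOURCE = {
    "src/main.c": b"int main(void) { return 0; }\n",
    "Makefile": b"all:\n\tcc -o main src/main.c\n",
}

def build(source, clock, source_date_epoch=None, file_order=None):
    """Package `source` into a zip 'artifact' the way a build step would.

    `clock` is the builder's wall-clock time (Unix seconds). Unless the
    build honours SOURCE_DATE_EPOCH, that clock is written into every entry's
    timestamp, and an unsorted `file_order` (think os.listdir) changes the
    byte layout: two honest builders then produce different artifacts.
    """
    stamp = clock if source_date_epoch is None else source_date_epoch
    date_time = datetime.fromtimestamp(stamp, timezone.utc).timetuple()[:6]
    names = file_order if file_order is not None else sorted(source)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            info = zipfile.ZipInfo(name, date_time=date_time)
            info.compress_type = zipfile.ZIP_DEFLATED
            zf.writestr(info, source[name])
    return buf.getvalue()

def digest(artifact):
    return hashlib.sha256(artifact).hexdigest()

def verify(vendor_artifact, rebuild_digests):
    """Accept the vendor artifact only if every independent rebuild of the
    same source reached the same digest. Returns (ok, vendor_digest)."""
    d = digest(vendor_artifact)
    return all(r == d for r in rebuild_digests), d

if __name__ == "__main__":
    EPOCH = 1_500_000_000  # SOURCE_DATE_EPOCH, e.g. the commit timestamp
    vendor = build(SOURCE, clock=1_600_000_000, source_date_epoch=EPOCH)
    # Two independent rebuilders, hours apart, each on their own machine.
    rebuilds = [digest(build(SOURCE, clock=1_600_010_000, source_date_epoch=EPOCH)),
                digest(build(SOURCE, clock=1_600_020_000, source_date_epoch=EPOCH))]
    print("reproducible build verified:", verify(vendor, rebuilds)[0])  # True
    # Same source, but nobody pinned the timestamp: the rebuilders cannot agree.
    naive = [digest(build(SOURCE, clock=1_600_010_000)),
             digest(build(SOURCE, clock=1_600_020_000))]
    print("non-reproducible build verified:",
          verify(build(SOURCE, clock=1_600_000_000), naive)[0])  # False
```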
I've already told you how to achieve that *today*. I'm getting tired of repeating this to you, so let's just end it here. I don't really feel like repeating myself ad nauseam again today.
Replying to @taviso @RichFelker and
Building it yourself answers the question only for the binaries you build (and modulo your trust in your own build infra) and doesn't help at all when diagnosing problems on someone else's computer. But OK, I'll stop now. Thanks for all of your amazing security research, btw.