[rb-general] What is the goal of reproducible builds?
kpcyrd
kpcyrd at rxv.cc
Mon Dec 9 16:47:16 UTC 2019
I personally joined the project because I'm interested in independent
verification of binaries, from the point of view as both a publisher and
a user of binaries.
While I think the other efforts are very valid and important as well and
efforts building on top of each other, I'd rather keep this project
pragmatic and focus on making an MVP for independent verification
reality as soon as possible.
This is partially because I know how to backdoor a specific binary but I
don't know how to backdoor a compiler in a way that people wouldn't
spot within two weeks by accident.
More information about the rb-general
mailing list