How to talk to skeptics?

John Neffenger john at
Fri Dec 16 19:44:32 UTC 2022

On 12/14/22 11:30 AM, Bernhard M. Wiedemann via rb-general wrote:
> He also once pointed me to

By the way, I think this person's argument falls apart here:

   "The only way to verify that the untrusted binary is bit-for-bit 
identical to the binary that would be produced by building the source 
code, is to produce your own trusted binary first and then compare it. 
At that point you already have a trusted binary you can use, so what 
value did reproducible builds provide?"

That makes the incorrect assumption that a build you create yourself can 
always be trusted.

On the contrary, no single build can be trusted because it's too easy to 
compromise a single build environment. That's the benefit of verified 
reproducible builds: an attacker has to compromise several different 
build environments on different machines and networks and in different 

So the second diagram on the page does not create a trusted binary. You 
still want to keep the other build for comparison instead of throwing it 
in the trash.


More information about the rb-general mailing list