Call for real-world scenarios prevented by RB practices

jeremiah at pdp10.guru jeremiah at pdp10.guru
Sun Mar 27 02:00:09 UTC 2022


>> [...] for example, none of these are a defence again Ken Thompson's famous 1984 paper
>> despite some of the best minds in computer science working on it.
>
>... and yes, I was aware you were on this list David, and apparently writing
>about your excellent Diverse Double-Compiling work just as I was writing the
>above :-) Nevertheless my point stands I think, that none of the approaches I
>listed address the fundamental trust problem. And we certainly don't see good
>solutions being adopted to the issues of unbounded complexity, or why it takes
>a stack multiple millions of lines of lines of code high to present me with a
>dialogue box that says "Hello". These are human problems, not really technical ones.

actually starting with under 1KB worth of binaries we do have a path to
GCC,bash, Glibc, make and Guile (along with support for checksum tools,
archivers, etc)
https://github.com/fosslinux/live-bootstrap

With Diverse Cross-platform compiling producing identical binaries when
presented the same code with the same flags. So even different OS or
hardware should produce identical outputs.

be it starting on bare metal: https://github.com/oriansj/stage0
or starting off a POSIX kernel you trust:
https://github.com/oriansj/stage0-posix

-Jeremiah


More information about the rb-general mailing list