Blog post about a talk by Ken Thompson and the original Trusting Trust attack finally released
Orians, Jeremiah (DTMB)
OriansJ at michigan.gov
Mon Oct 30 11:04:40 UTC 2023
> Readers of this list should have noticed that source-only verifiable bootstrap has been achieved earlier.
> The work presented in [1] provides a full proof of provenance of a verifiable Posix-like system with a
> development toolchain, without a reliance on any binary seed.
If your definition of source only bootstrap includes Megabytes of external binaries, then given your definition
Debian beat your project by a more than a decade.
> I hope that if you choose to mention the Guix blog post, then you would also refer to the prior solution [1].
Nope, lol
> On the other side, presenting bootstrapping from machine codes as the only and also as the "first"
> solution to full verifiability is plainly not correct.
DDC only works if either a) you have a trusted compiler or b) 2 compilers that don't share a common
compromise. Bootstrappable builds ensures we do have a trusted suite of compilers. So, unless you
have proof of one of those, you have not in any way contributed to solving the problem.
-Jeremiah
More information about the rb-general
mailing list