undefined | Better HN

0 pointsmajorchord1y ago0 comments

I say that possibility is canceled out because those layers of protection also provide avenues for additional bad actors and even more possibility of places to inject malware/compromises.

0 comments

4 comments · 2 top-level

g-b-r1y ago· 1 in thread

They might provide additional avenues, but they remove others, so it's hard to assess what's safer (I'd lean towards F-Droid-like solutions).

The best of both worlds is where both the developer and a third party certify the builds, as happens with F-Droid's reproducible builds.

On Android you're still left on deciding whose signature to put on the binary, however (I'd prefer one from the third party, differently from what happens with F-Droid reproducible builds).

majorchordOP1y ago

It would be nice if both parties could sign the binary. My biggest issue with reproducible builds is that not every project supports it, and many that do aren't being verified (like Signal).

lupusreal1y ago· 1 in thread

Examples of that? Debian has about three decades of history, have any of their packagers ever sold out?

majorchordOP1y ago

I was more referring to supply chain attacks and intentional backdoors, which have happened multiple times in the past. Debian servers have also been hacked before.

j / k navigate · click thread line to collapse