Flutterby™! : Deterministic Builds


Deterministic Builds

2013-08-23 22:42:10.140911+02 by Dan Lyke 1 comments

Tor: Deterministic Builds Part One: Cyberwar and Global Compromise.

The short answer is: to protect against targeted attacks. Current popular software development practices simply cannot survive targeted attacks of the scale and scope that we are seeing today. In fact, I believe we're just about to witness the first examples of large scale "watering hole" attacks. This would be malware that attacks the software development and build processes themselves to distribute copies of itself to tens or even hundreds of millions of machines in a single, officially signed, instantaneous update.

See also Ken Thompson's Reflections on Trusting Trust.


comments in descending chronological order (reverse):

#Comment Re: made: 2013-08-24 14:21:36.69735+02 by: meuon

Yeah, I've had that nightmare and don't trust my Android phone for that, and many, many other reasons. Or my Mac. I tend to keep my Linux system on manual update, and update when I am ready for issues due to the update (haven't had many in years) and when I think things have been "out in the real world" for a while.

One devious programmer could create chaos and havoc months after a system was updated.
