[liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise

Eugen Leitl eugen at leitl.org
Fri Aug 23 04:30:06 PDT 2013


----- Forwarded message from phreedom at yandex.ru -----

Date: Fri, 23 Aug 2013 00:21:25 +0300
From: phreedom at yandex.ru
To: liberationtech <liberationtech at lists.stanford.edu>
Subject: Re: [liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise
User-Agent: KMail/4.10.5 (Linux/3.9.11; KDE/4.10.5; i686; ; )
Reply-To: liberationtech <liberationtech at lists.stanford.edu>

> I think a lot of people would benefit from reading Mike Perry's latest
> blog post. He addresses how The Tor Project is working towards the
> problems referenced by Zooko in his latest open letter to Silent Circle:

> "Current popular software development practices simply cannot survive
> targeted attacks of the scale and scope that we are seeing today. "

NixOS distro[1] takes build reproducibility seriously and build determinism is 
being worked on.

I have patched the most important toolchains to not systematically introduce 
non-determinism[2]. Some of the patches are in the master branch already, some 
are in the staging branch and will be merged in a month or two. These patches 
are sufficient to make a large subset of package builds deterministic.

After the merge, I'll do another round this time fixing non-determinism due to 
quirks of build systems of specific packages. Luckily, there aren't that many 
packages like Firefox and luckily Firefox has been already tackled by someone 
else :)

I'm committed to making at least installation media, typical desktop and 
server installs fully deterministic.

[1] http://nixos.org/nixos/
[2] http://lists.science.uu.nl/pipermail/nix-dev/2013-June/011357.html
-- 
Liberationtech is a public list whose archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5



More information about the cypherpunks mailing list