-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Probably parts of the answer lie in deterministic builds, see below.
hth. best, kloschi - -------- Original Message -------- Subject: [liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise Date: Thu, 22 Aug 2013 10:39:56 +0000 From: Jacob Appelbaum <ja...@appelbaum.net> Reply-To: liberationtech <liberationt...@lists.stanford.edu> To: liberationt...@lists.stanford.edu <liberationt...@lists.stanford.edu> Hi, I think a lot of people would benefit from reading Mike Perry's latest blog post. He addresses how The Tor Project is working towards the problems referenced by Zooko in his latest open letter to Silent Circle: https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise "Current popular software development practices simply cannot survive targeted attacks of the scale and scope that we are seeing today. " All the best, Jacob -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQGcBAEBAgAGBQJSFhqmAAoJEJhnRHRRn9Syw2YMAKMYOKtIPxrwUrnTF4yI06lM fJI6+xTzH1BRcwzEW7E4crQtRGFJVe5aXe+kpvDBdrJ6rPj3wki3N7BrMw2Fj9JO l8iN11oSEXyidLHIyl8oc0HqGyBe2HXm+N1DVC1P2lOSZvBQ5Hbqa1yNrblK3lBK F9Rc23XvbHaeg4Te5Rvda+8crFSZjbN5Iqn7zFiXkIKlM+Zse7f0HNVB8rIM17cl bC+a+l/unkCDiG52HaOTXI6dw8pCfQkeYDzuIFKy9qCdFl7B1DlZSMqeInupjMhp GiqklzG5kLKJFYqWiByDSNTY4A+YfFx+PheCe3V5c0k6qDrmEh+WdGaL3E6ibF8D 3niRplhFhQjz68yVO4+R+BxvTeqwVj+FYaIIPnIIUirJYtQxQYFcEVGn4GGjDE2j 2ngMl1mgIz3YI4mCJuR5dFGJf3e5cy+ZadvjtyRzGxLj1SMIZVT6HNHIdGxDaW4O dCVcR03xYwOilBkA2wh00BYquiyAMl5AsQHmGKMg/Q== =LiRi -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52161aaa.8030...@subsignal.org