Sorry forgot to answer your first question. The sources are mostly taken from already quite trusted sources and can be verified by PGP signatures. You can also read the sources and since they get compiled on your computer, you know that what you read is what you get. Also, other people can read the sources and give reviews and you will know that those reviews actually correspond to what is running on your system.
On Thu, Aug 4, 2011 at 10:18 PM, AK <aka...@gmail.com> wrote: > I know, you still have to trust the standard Ubuntu programs such as gcc & > firefox. But, you already made the decision to trust those when you > installed Ubuntu. The piratepack doesn't force you to trust any new > repositories. > > On Thu, Aug 4, 2011 at 9:54 PM, Ted Smith <ted...@gmail.com> wrote: > >> On Thu, 2011-08-04 at 19:44 -0600, AK wrote: >> > - No need to trust nonstandard binary executables. Polipo, tor, vidalia, >> > piratepack binaries are automatically compiled from source on >> installation. >> >> How do I know that the sources are trustworthy? Or that the programs >> used to compile (or verify their trustworthyness) are trustworthy? >> >> _______________________________________________ >> tor-talk mailing list >> tor-talk@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> >> >
_______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
