Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mstdn.io/users/wolf480pl/statuses/113265051859160565">Wolf480pl (wolf480pl@mstdn.io)'s status on Monday, 07-Oct-2024 17:44:24 JST</a><a href="https://mstdn.io/@wolf480pl" title="wolf480pl@mstdn.io"><img src="https://gnusocial.jp/avatar/6007-48-20250211223719.webp" width="48" height="48" alt="Wolf480pl" style="position: absolute; left: 0; top: 0;">Wolf480pl</a><div><a href="https://mstdn.io/@wolf480pl/113264998776803342" rel="in-reply-to">in reply to</a></div></section><article><p><a href="https://infosec.exchange/@freqchance">@freqchance</a> <a href="https://adhd.irenes.space/@ireneista">@ireneista</a> <br>Now, how do we create a more secure system for delivering software updates?</p><p>- author releases source code only<br>- many people independently read the source<br>- many different people build binaries from the source<br>- the builds are reproducible, so they should get identical binaries, and everyone can check that<br>- binary and source releases are published in sth similar to CT log, to prevent one person getting a different version than everyone else</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3785921#notice-7409363">In conversation</a><time datetime="2024-10-07T17:44:24+09:00" title="Monday, 07-Oct-2024 17:44:24 JST">about 5 months ago</time> <span>from <span><a href="https://gnusocial.jp/notice/7409363" rel="external" title="Sent from gnusocial.jp via ActivityPub">gnusocial.jp</a></span></span><a href="https://gnusocial.jp/notice/7409363">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Wolf480pl (wolf480pl@mstdn.io)'s status on Monday, 07-Oct-2024 17:44:24 JST Wolf480pl
in reply to
@freqchance @ireneista
Now, how do we create a more secure system for delivering software updates?
- author releases source code only
- many people independently read the source
- many different people build binaries from the source
- the builds are reproducible, so they should get identical binaries, and everyone can check that
- binary and source releases are published in sth similar to CT log, to prevent one person getting a different version than everyone else
In conversationabout 5 months ago from gnusocial.jppermalink

Public

Embed Notice

HTML Code

Corresponding Notice