On Thu, 19 May 2016 13:38:18 +0000, Jonathan Wilkes wrote: ... > Community that leverages gitian: Hm, this package looks different. Let's > quarantine it and let the world inspect it. > World: Sounds fun!
Actually, it's sufficient if there is a single person doing this when there are reproducible builds. Or even someone setting up a checker bot once. Now, as an NSL-issuing entity you need to come up with a source code modification that induces a backdoor, and is reasonably defensible by a dev, and then force that dev to include this change into the git repo, and defend it in reviews. Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds <torvalds@*.org> Date: Fri, 22 Jan 2010 07:29:21 -0800 -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
