[guardian-dev] Fwd: [liberationtech] Proposal for more-trustable code from app stores; comments welcome.
Nathan of Guardian
nathan at guardianproject.info
Wed Sep 24 14:33:58 EDT 2014
This one is for you _hc
----- Original message -----
From: Karl Fogel <kfogel at red-bean.com>
To: liberationtech <liberationtech at lists.stanford.edu>
Subject: [liberationtech] Proposal for more-trustable code from app
stores; comments welcome.
Date: Wed, 24 Sep 2014 13:25:02 -0500
Thoughts welcome on the usefulness of this proposal:
https://twitter.com/OpenITP/status/514836088511537152
Quick summary is:
Today, app stores don't even clearly *distinguish* open-source from
closed-source apps, let alone do the builds themselves.
It would be great if app stores built open-source apps directly from
the public source tree, stating exactly which snapshot was used. And
it would be even better if they did so with deterministic builds --
though even just knowing that the app store had done the build
themselves (instead of the app's author doing it) would be a huge win,
and deterministic builds would be gravy.
Details in the article.
-Karl
--
Liberationtech is public & archives are searchable on Google. Violations
of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech.
Unsubscribe, change to digest, or change password by emailing moderator
at companys at stanford.edu.
--
Nathan of Guardian
nathan at guardianproject.info
More information about the Guardian-dev
mailing list