Reply
Thread Tools
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#51
Originally Posted by pichlo View Post
Originally Posted by kinggo View Post
sorry, but how is that better for ~98% of the people who doesn't know anything about coding? I mean, I do know how to compile some basic stuff on linux, use AUR or svn or git...... But I still have to trust that source the same way I trust precompiled binary.
Exactly! Forget the 98℅, published sources hardly help even the expert programmers. Who on earth has the time or expertise to review 5 million lines of code?
You did not read my post through, did you??

If you read it again you will notice I said Binary distribution can be allowed if the sources are available and mechanism for reproducible build verification exists.

This means that somebody can build the sources and verify the resulting RPM is what is ptovided!!!
 

The Following 5 Users Say Thank You to juiceme For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#52
Yes, juiceme, I read that. And I have repeatedly said that I have an issue with that somebody.

In your idealistic world, "somebody" will review those 5 million lines of code. In the real world, nobody will even look at it. But somebody might write an alternative application if the API is public. Which was my point.
__________________
Русский военный корабль, иди нахуй!
 

The Following 3 Users Say Thank You to pichlo For This Useful Post:
Posts: 1,288 | Thanked: 4,316 times | Joined on Oct 2014
#53
@pichlo thats not @juiceme's point here (correct me if iam wrong)

By being able to recompile from sources, and comparing a precompiled binary (rpm) against own build (rpm) its a matter of comparing if checksums matches. If no match, something was changed in precompiled binary, and there is a reason to be suspicious.
 

The Following 5 Users Say Thank You to nieldk For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#54
Sorry but that's just silly. For at least two reasons:
1) A checksum match can only guarantee that the compiled binary matches the supplied sources. Not that the sources are safe and do not contain some hidden gems.
2) A checksum is not going to match anyway. At least in my experience, every time I build something I get a slightly different binary. The compiler embeds things like the build date/time etc.
__________________
Русский военный корабль, иди нахуй!
 

The Following 4 Users Say Thank You to pichlo For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#55
Originally Posted by nieldk View Post
for bitcoin miners, really, you dont need root.
No, but for installing a bitcoin miner by an innocently looking chat application, having root access helps.

At least on a decent OS. On Sailfish, you don't need root for that either
__________________
Русский военный корабль, иди нахуй!
 

The Following 3 Users Say Thank You to pichlo For This Useful Post:
Posts: 1,288 | Thanked: 4,316 times | Joined on Oct 2014
#56
Originally Posted by pichlo View Post
Sorry but that's just silly. For at least two reasons:
1) A checksum match can only guarantee that the compiled binary matches the supplied sources. Not that the sources are safe and do not contain some hidden gems.
2) A checksum is not going to match anyway. At least in my experience, every time I build something I get a slightly different binary. The compiler embeds things like the build date/time etc.
Simplified, yes. There needs to be a reproducable build method, which will result in matching checksums. Or other verifiable methods.

https://wiki.debian.org/ReproducibleBuilds

Last edited by nieldk; 2018-05-06 at 05:30.
 

The Following 5 Users Say Thank You to nieldk For This Useful Post:
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#57
@nieldk already explained it well. In most cases the possibility of reproducible build from sources already deters the will to put in backdoors.

Also one does not need to look at every line of the 5 million LOC, there are ways to speed up the process pretty much, for example with c sources you can grep thru included headers to find the modules most likely to do some funny business and then check those.

Also there does exist way to have reprducible RPM builds
 

The Following 5 Users Say Thank You to juiceme For This Useful Post:
Posts: 84 | Thanked: 267 times | Joined on Apr 2016
#58
Still no info/promise which will be the android compatibility level, 5,6,7,8...
 

The Following 4 Users Say Thank You to feedme For This Useful Post:
Posts: 74 | Thanked: 355 times | Joined on Aug 2017
#59
I'm totally with you regarding the desire for reproducible builds and having access to the code. But the FOSS world is not what I had in mind when posting my last post, as you rarely are forced to use a specific app there.

I was looking at big companies (banks, public transport etc) where you see tendencies towards app exclusive services. The best example may be online banking apps, for which you often see issues at TJC from nordic users: either you install and use the app, or you can't access your online banking.
The sad truth here is that there usually is no possibility to get a look at the source code. So, sure, they could include a crypto miner or something like that, but I'd say the chances for that are quite low in these cases. The bigger issue is that more and more companies go "all in" regarding data collection: try to grab as many data from users you can, maybe they can be useful (and sold) in the future. In this case, App permissions are essential, since with them you can use the app without the fear that it "steals" your address book or is constantly spying on your location.
I have to say that Google did a good job regarding this permissions in the newer Android versions. Wouldn't Android itself spy on the user so massively, it would be a great privacy-friendly system. And this is where SFOS has its advantages in my opinion: If we get similar app permission features as Android, we have a privacy-friendly base system (opposed to Android) and can get much more privacy for Apps which are (unfortunately) essential for the user.
 

The Following 4 Users Say Thank You to jenix For This Useful Post:
pichlo's Avatar
Posts: 6,445 | Thanked: 20,981 times | Joined on Sep 2012 @ UK
#60
Originally Posted by juiceme View Post
In most cases the possibility of reproducible build from sources already deters the will to put in backdoors.
This is where our disagreement comes from. I am not convinced that your statement is 100℅ true. In a reasonably complex piece of code, it is dead easy to hide whatever you want in plain sight. In which case providing the sources will only serve to give the false sense of security to idealists like you, who naively believe that sources = guarantee of genuinity.

Regarding the Nordic bank users, as per jenix's post, I am somewhat baffled. Does that mean you guys cannot login from any random computer using any random browser? That completely defeats the whole purpose of online banking. If my bank tried to impose such a restriction on me, I would switch the bank.
__________________
Русский военный корабль, иди нахуй!
 

The Following 4 Users Say Thank You to pichlo For This Useful Post:
Reply

Thread Tools

 
Forum Jump


All times are GMT. The time now is 14:32.