This is why projects like Reproducible Builds are so important. Basing all of your security on a company's signature on proprietary code is too risky.

image/svg+xml Follow

I elaborate on some ways to protect the digital supply chain while borrowing metaphors from the food industry in this post:

Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)