This is why projects like Reproducible Builds are so important. Basing all of your security on a company's signature on proprietary code is too risky.

wired.com/story/barium-supply-

image/svg+xml Follow

I elaborate on some ways to protect the digital supply chain while borrowing metaphors from the food industry in this post: puri.sm/posts/protecting-the-d

Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)