Search Mailing List Archives
[liberationtech] Proposal for more-trustable code from app stores; comments welcome.
kfogel at red-bean.com
Wed Sep 24 11:25:02 PDT 2014
Thoughts welcome on the usefulness of this proposal:
Quick summary is:
Today, app stores don't even clearly *distinguish* open-source from
closed-source apps, let alone do the builds themselves.
It would be great if app stores built open-source apps directly from
the public source tree, stating exactly which snapshot was used. And
it would be even better if they did so with deterministic builds --
though even just knowing that the app store had done the build
themselves (instead of the app's author doing it) would be a huge win,
and deterministic builds would be gravy.
Details in the article.
More information about the liberationtech