If you trust your compiler you can verify that your build is the safely based on... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		esrauch on July 12, 2014 \| parent \| context \| favorite \| on: Deterministic, bit-identical and/or verifiable Lin... If you trust your compiler you can verify that your build is the safely based on the source that you have. If the build is deterministic then you could verify that the binary being distributed to the masses isn't compromised by building the same file yourself and seeing that it is the same.

taeric on July 12, 2014 [–]

Right, and my question is essentially if this is "putting the cart before the horse." Do Mozilla have efforts in place to establish trust of their compilers? (I expanded on my response below. I really wish I knew the correct way to "merge" conversation trees here. Is there a good protocol for that?)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact