[cryptography] Reply to Zooko (in Markdown)

Jeffrey Walton noloader at gmail.com
Sat Aug 17 17:35:56 EDT 2013


On Sat, Aug 17, 2013 at 3:49 AM, Bryan Bishop <kanzure at gmail.com> wrote:
> On Sat, Aug 17, 2013 at 1:04 AM, Jon Callas <jon at callas.org> wrote:
>>
>> It's very hard, even with controlled releases, to get an exact
>> byte-for-byte recompile of an app. Some compilers make this impossible
>> because they randomize the branch prediction and other parts of code
>> generation. Even when the compiler isn't making it literally impossible,
>> without an exact copy of the exact tool chain with the same linkers,
>> libraries, and system, the code won't be byte-for-byte the same. Worst of
>> all, smart development shops use the *oldest* possible tool chain, not the
>> newest one because tool sets are designed for forwards-compatibility (apps
>> built with old tools run on the newest OS) rather than
>> backwards-compatibility (apps built with the new tools run on older OSes).
>> Code reliability almost requires using tool chains that are trailing-edge.
>
>
> Would providing (signed) build vm images solve the problem of distributing
> your toolchain?
You might try "Fully Countering Trusting Trust through Diverse
Double-Compiling", http://www.dwheeler.com/trusting-trust/


More information about the cryptography mailing list