☆ Yσɠƚԋσʂ ☆@lemmy.ml to Privacy@lemmy.mlEnglish · 4 个月前Telegram Hands U.S. Authorities Data on Thousands of Userswww.404media.coexternal-linkmessage-square120fedilinkarrow-up1109cross-posted to: [email protected]
arrow-up1109external-linkTelegram Hands U.S. Authorities Data on Thousands of Userswww.404media.co☆ Yσɠƚԋσʂ ☆@lemmy.ml to Privacy@lemmy.mlEnglish · 4 个月前message-square120fedilinkcross-posted to: [email protected]
minus-squareKairos@lemmy.todaylinkfedilinkarrow-up2·4 个月前Compiling the app is irrelevant if I don’t read the source.
minus-square☆ Yσɠƚԋσʂ ☆@lemmy.mlOPlinkfedilinkarrow-up6·4 个月前That’s nonsense, because many different people read the source and audit open source software. While it’s certainly possible to sneak malicious code in, the trust doesn’t depend on each single individual auditing it. It’s a collective effort.
minus-squarePup Biru@aussie.zonelinkfedilinkEnglisharrow-up1·4 个月前okay, but reproducible builds solve the rest of that problem https://signal.org/blog/reproducible-android/
minus-square☆ Yσɠƚԋσʂ ☆@lemmy.mlOPlinkfedilinkarrow-up2·4 个月前Yeah, now that they finally have reproducible builds, at least you can trust that the client is doing what it says it’s doing.
Compiling the app is irrelevant if I don’t read the source.
That’s nonsense, because many different people read the source and audit open source software. While it’s certainly possible to sneak malicious code in, the trust doesn’t depend on each single individual auditing it. It’s a collective effort.
okay, but reproducible builds solve the rest of that problem
https://signal.org/blog/reproducible-android/
Yeah, now that they finally have reproducible builds, at least you can trust that the client is doing what it says it’s doing.