Headlines |
2016-11-26 |
Webconverger gains reproducible builds |
|
Reproducible builds are a method by which a person with access to source code can verify the binary file (or ISO image) they have was created using the corresponding source code. An executable program or image file created using a reproducible method will be the same each time it is compiled, making it easier to confirm no back doors or flaws have been introduced in the build process. The Webconverger project has introduced reproducible builds for the Linux-based kiosk software: "Webconverger was started because I couldn't trust those terminals and kiosks in public spaces to browse the Web. I trust my work because I had a hand in building it, though there are some technical features which may convince you to trust it too. First every commit is made publicly on Github. You can see me transparently make changes. You can verify every changed file. Every upstream file is a binary built by Debian, Mozilla & for flash, Adobe, again you can verify that using file checksums. However how can you infer that the head of Webconverger git repository corresponds to an ISO release you downloaded which you would use to deploy to your hardware? Previously you would have to trust the checksum I provided on the release page, but if you built Webconverger yourself, you would get a different checksum. Why? Because the build chain would typically use the current date and when bundled up, the checksum is different. We have fixed this now and now you can too can produce independently verifiable ISO builds of Webconverger. This security feature is called reproducible builds." Further information is available on the Webconverger website. |
More headlines from this project
Back to News
|
|
TUXEDO |
TUXEDO Computers - Linux Hardware in a tailor made suite Choose from a wide range of laptops and PCs in various sizes and shapes at TUXEDOComputers.com. Every machine comes pre-installed and ready-to-run with Linux. Full 24 months of warranty and lifetime support included!
Learn more about our full service package and all benefits from buying at TUXEDO.
|
Star Labs |
Star Labs - Laptops built for Linux.
View our range including the highly anticipated StarFighter. Available with coreboot open-source firmware and a choice of Ubuntu, elementary, Manjaro and more. Visit Star Labs for information, to buy and get support.
|
|