| 21 Jun 2021 |
@grahamc:nixos.org | it is a fairly standard set of tools that are made sure they can be built reproducibly and then tar'd up | 01:36:41 |
@grahamc:nixos.org | 1s | 01:36:41 |
@grahamc:nixos.org | Xe: https://search.nix.gsc.io/?q=http%3A%2F%2Ftarballs.nixos.org%2Fstdenv&i=nope&files=&repos= | 01:38:17 |
| ziguana joined the room. | 01:39:00 |
Xe (xe/they) | and the ultimate root is some set of tools that eelco originally made nix with? | 01:39:34 |
@grahamc:nixos.org | iirc they came from suse | 01:40:31 |
@grahamc:nixos.org | ~forever ago | 01:40:59 |
Xe (xe/they) | so i guess if somehow there's a "more verifiable" way to make the root bundle of compilers then using it would boil down to replacing the tarball in bootstrapTools? | 01:42:23 |
@grahamc:nixos.org | sure | 01:42:44 |
Xe (xe/they) | i see | 01:43:00 |
@grahamc:nixos.org | for example we could go through the process to bootstrap across a bunch of machines of different makes and models and OSes and find all the ways they build differently, make them build the same, and then decide that is probably good | 01:43:36 |
@grahamc:nixos.org | another thing is progressively reducing the number of mystery meat bytes, also good, also hard work | 01:44:15 |
@grahamc:nixos.org | I think it is good to make progress on this bootstrap problem over time, but I think it has diminishing returns and moves into the realm of "is it plausible none of the users would notice the compromise?", and "do we really trust this CPU?" | 01:47:31 |
siraben | Issue on reducing bootstrapping: https://github.com/NixOS/nixpkgs/issues/123095 | 02:20:06 |
siraben | Melg8 has had some progress on integrating the bootstrappable with Nixpkgs | 02:20:32 |
| steve joined the room. | 05:38:37 |
siraben | (in reply to @hexa:lossy.network: "his post is essentially dead") it's back to third place | 07:55:37 |
siraben | but i downvoted | 07:55:39 |
siraben | *
The website says reproducibility can reduce the risk of developers being threatened or bribed to backdoor their software, but that is just ridiculous. Developers have a perfect method for making their own software malicious: bugdoors. A bugdoor (bug + backdoor) is a deliberately introduced "vulnerability" that the vendor can "exploit" when they want backdoor access.
this seems to miss the point of reproducibility, IMO (I'm aware I'm preaching to the choir here though 😅)
| 07:59:14 |
raboof | he wrote a blogpost about that a while back, too. I haven't re-read it, but it seems his point boils down to "X doesn't solve all problems of humanity, so it is useless" - which doesn't seem too helpful. | 08:00:16 |
siraben | I agree, that appears to be his opinion, and the claim that reproducible builds add complexity is startling | 08:01:23 |
raboof | * taviso wrote a blogpost about that a while back, too. I haven't re-read it, but it seems the argument boils down to "X doesn't solve all problems of humanity, so it is useless" - which doesn't seem too helpful. | 08:01:33 |
raboof | well, it quite obviously adds complexity, as we have to Do Stuff to make it happen. It also reduces complexity in other places. How that balances out is not easy to quantify :) | 08:02:46 |
siraben | * in the innocent case, unreproducible binaries still behave "the same" (this is very vague, since program equivalence is not trivial under compiler optimizations for instance), but this quickly does not become the case | 08:03:28 |
siraben | you can use bit-for-bit reproducibility as evidence for the claim "my program is your program" | 08:04:03 |
siraben | and the more the environments under which you perform the build differ, if you still maintain identical binaries that's really good | 08:04:41 |