Log in

❖ Browsing media by libreplanet

You think you're not a target? A tale of three developers...

Chris Lamb

If you develop or distribute software of any kind, you are vulnerable to whole categories of attacks upon yourself or your loved ones. This includes blackmail, extortion or "just" simple malware injection! By targeting software developers such as yourself, malicious actors, including nefarious governments, can infect and attack thousands -- if not millions -- of end users.

How can we prevent these disasters? The idea behind reproducible builds is to allow verification that no flaws have been introduced during build processes; this prevents against the installation of backdoor-introducing malware on developers' machines, ensuring attempts at extortion and other forms of subterfuge are quickly uncovered and thus ultimately futile.

Through a story of three different developers, this talk will engage you on this growing threat to you, and how it affects everyone involved in the production lifecycle of software development, as well as how reproducible builds can help prevent against it.

Added

1 year, 8 months ago

Tagged with

LibrePlanet 2018 video · LibrePlanet 2018 · LibrePlanet · lp2018 · video

Collected in

LibrePlanet 2018 Videos and Slides (libreplanet)

License

CC BY-SA 4.0

Download


This talk was presented at LibrePlanet.

libreplanet.org


LibrePlanet is the Free Software Foundation's annual conference. The FSF campaigns for free/libre software, meaning it respects users' freedom and community. We believe that users are entitled to this; all software should be free.

gnu.org/important


We do not advocate "open source".

That term was coined to reject our views. It refers to similar practices, but usually presented solely as advantageous, without talking of right and wrong.

gnu.org/not-open-source


Richard Stallman launched the free software movement in 1983 by announcing development of the free operating system, GNU. By 1992, GNU was nearly operational; one major essential component was lacking, the kernel.

gnu.org/gnu-begin


In 1992, Torvalds freed the kernel Linux, which filled the last gap in GNU. Since then, the combined GNU/Linux system has run in millions of computers. Nowadays you can buy a new computer with a totally free GNU/Linux system preinstalled.

gnu.org/gnu-and-linux


The views of the speaker may not represent the Free Software Foundation. The Foundation supports the free software cause and freedom to share, and basic freedoms in the digital domain, but has no position on other political issues.