Hacker News new | ask | show | jobs
by sichtlinkair 1864 days ago
> At the end of the day you still need to trust the organization building your OS so they don't push a backdoor in your root installed package.

I am curious what are good solutions to this problem? Compile your OS (and any other software) from source?
2 comments
content_sesh 1864 days ago
Somewhere a Gentoo maintainer's ears are ringing, but they don't know why...
link
ex_amazon_sde 1862 days ago
A backdoor/bugdoor is much more likely to be in the source code. Compiling the code by yourself does not help.

You have to rely on a distribution that has a many-eyes review policy and has security conscious users.

link