by 3rodents 135 days ago
By that standard, it can never be verified because what is running and what is reviewed could be different. Reviewing relevant elements is as meaningful as reviewing all the source code.

Let’s be real: the standard is “Do we trust Meta?”

I don’t, and don’t see how it could possibly be construed to be logical to trust them.

I definitely trust a non-profit open source alternative a whole lot more. Perception can be different than reality but that’s what we’ve got to work with.

Or they could even take out the backdoor code and then put it back in after review.
This is why Signal supports reproducible builds.
In this day and age, in a world with Docker and dev containers and such, it's kind of shocking that reproducible builds aren't table stakes.
Does it still require the gigantic binary blob?
Ah yes, the Volkswagen solution.
++1

"target market product alignment" :-D