[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Deterministic builds?



Some sparse ideas:

- Provide a small Integrity verification tool that and end-user will be
able to use to verify the software integrity of the "Officially
released-build" that have been build by "Recognized trusted persons"

- Provide a small "Tor Download Tool", a very lightweight verifiable
code, that allow and end-user to "Download latest release of Tor" in a
verified and trusted way
  IE: If the Tor-Download tool is trust-able, than it may implement all
the integrity verification tool measures.

However, sincerely, i do not think end-users will be verifying it.
Only if the methods and tools are "dumb-proof", than there are "some
chance" that users will really verify it.

Additionally i'de like to make a consideration, for verification
approach (and i would say also for all the build-system related issues),
to consider Third party developers that are willing to integrate Tor
into their systems.

IE: Let's envision Tor being a "Platform" that Third party can embed
into their applications, something like:
- Specialized Client (TBB based) for Whistleblowing
- Specialized Client to Access specific Web resources
- Porn based access-client (think about the 15yo teenager in Saudi...)

In that case the "Build system" and integrity verification tool should
consider that:
- Some of the binaries will be the one officially released by Tor Project
- Some of the binaries/directories will be available for
modification/adding by third party developers

So i would suggest to keep this consideration, third parties willing to
use and ship software including Tor Project software (if possible
without rebuilding it, and if possible delivering similar integrity
checking measures).

It maybe provide some kind of overhead, but would look for medium-long
term solution where third parties will start using Tor as a sort of
"Private Middleware" for secure and/or anonymous networked-resources access.

-naif


On 1/5/12 12:15 PM, Jacob Appelbaum wrote:
> Hi,
> 
> A few Tor hackers are meeting today to discuss build engineering issues
> and we'd like to start a thread on deterministic builds.
> 
> We believe that Windows and Mac OS X both produce build results that are
> extremely difficult to verify. On Gnu/Linux sometimes the build results
> are difficult to verify.
> 
> If anyone has thoughts on the matter, we'd love to hear how Tor as a
> project should tackle verifiable builds of the various software we ship.
> 
> All the best,
> Jacob
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk