Loading…
Attending this event?
Learn more about LinuxCon + ContainerCon + CloudOpen China, happening June 19-20. 

Customize your schedule by experience level and/or presentation language: Refer to the “Filter by Type” list on the right to find a session based on topic and/or experience level. Presentation Language - Sessions are categorized as [C] Chinese, [C,E] Chinese with English Slides or [E] English at the end of each talk title.
View analytic
Monday, June 19 • 11:40 - 12:10
Reproducible Builds: Fulfilling the Original Promise of Free Software [E] - Chris Lamb, CII

Sign up or log in to save this to your schedule and see who's attending!

Log in to leave feedback.
Whilst anyone can inspect the source code of free software for malicious flaws, most Linux distributions provide binary or "compiled" packages to end users.

The motivation behind "reproducible" builds is to allow verification that no flaws have been introduced during this compilation process by promising identical binary packages are always generated from a given source.

This prevents against the installation of backdoor-introducing malware on developers' machines - an attacker would need to simultaneously infect or blackmail all developers attempting to reproduce the build.

This talk will focus on how exactly software can fail to be reproducible, the tools, tests & specifications we have written to fix & diagnose issues as well as the many amusing "fails" in upstream code that have been unearthed by this process. In addition, you will learn what to avoid in your own software.

Speakers
avatar for Chris Lamb

Chris Lamb

Computer Programmer, CII
I am a polyglot freelance computer programmer who is the author of dozens of free projects and contributor to 100s of others. I've been an official Debian Developer since 2008 and am currently highly active in the Reproducible Builds project where I have been awarded a grant from... Read More →


Monday June 19, 2017 11:40 - 12:10
Room 307B

Attendees (7)