Comment by 3rodents

Comment by 3rodents 13 hours ago

By that standard, it can never be verified because what is running and what is reviewed could be different. Reviewing relevant elements is as meaningful as reviewing all the source code.

giancarlostoro 12 hours ago

Or they could even take out the backdoor code and then put it back in after review.

Reply View 4 replies

hedora 9 hours ago

This is why signal supports reproducible builds.

Reply View | 1 reply
- pdpi 7 hours ago
  
  In this day and age, in a world with Docker and dev containers and such, it's kind of shocking that reproducible builds aren't table stakes.
  
  Reply View | 0 replies
taneq 12 hours ago

Ah yes, the Volkswagen solution.

Reply View | 1 reply
- KellyCriterion 12 hours ago
  
  ++1
  "target market product alignment" :-D
  
  Reply View | 0 replies

dangus an hour ago

Let’s be real: the standard is “Do we trust Meta?”

I don’t, and don’t see how it could possibly be construed to be logical to trust them.

I definitely trust a non-profit open source alternative a whole lot more. Perception can be different than reality but that’s what we’ve got to work with.

Reply View 0 replies