> Simple but not 100% foolproof, you can mutate your source code and verify the ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		yjftsjthsd-h on April 7, 2021 \| parent \| context \| favorite \| on: Signal Server code on GitHub is up to date again > Simple but not 100% foolproof, you can mutate your source code and verify the changes propagate. If I was evil, I wouldn't have a totally separate source tree and binary that I shipped; I'd have my CI process inject a patch file. As a result, everything would work as expected - including getting any changes from the public source code - but the created binaries would be backdoored.

tlarkworthy on April 7, 2021 | [–]

Yeah I can fix this with work but just getting some users would be helpful first

pluies on April 7, 2021 | [–]

https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref... :)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact