Comment by tga_d
5 days ago
People reproducibly build Signal all the time. There's a bug right now that makes the play store version differ from the one you get by downloading off their website/build from source, but you can examine the differences to see they're minor.
>People reproducibly build Signal all the time
source? Is there a site that tracks this, or only shows up when someone raises an issue on github?
Pick a decently up-to-date fork of Signal on GitHub and look at its Actions. You can also just do it yourself if you'd like, the process is effectively just doing a build in a docker container and comparing the result.
https://github.com/signalapp/Signal-Android/blob/main/reprod...
The github action finishing is not the same as "reproducibility built it", which implies verification against the official build.
1 reply →