Comment by delichon
17 days ago
Even if I had the skills to confirm the code is secure, how could I know that this is the code running on my phone, without also having the skills to build and deploy it from source?
17 days ago
Even if I had the skills to confirm the code is secure, how could I know that this is the code running on my phone, without also having the skills to build and deploy it from source?
Also, you need to make sure that the installation process does not insert a backdoor into the code you built from source.
Or the compilation process!
https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...