From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jeremiah@pdp10.guru Subject: Re: Preparing the reduced bootstrap tarballs Date: Sun, 18 Nov 2018 12:56:09 +0000 Message-ID: <87a7m61r4m.fsf@ITSx01.pdp10.guru> Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:36641) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gOMcY-00074I-BL for guix-devel@gnu.org; Sun, 18 Nov 2018 07:56:15 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gOMcV-00045i-5B for guix-devel@gnu.org; Sun, 18 Nov 2018 07:56:14 -0500 Received: from itsx01.pdp10.guru ([74.207.247.251]:38480 helo=itsx01) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gOMcU-000455-UL for guix-devel@gnu.org; Sun, 18 Nov 2018 07:56:11 -0500 Received: from auennplxrtxfoohp by itsx01 with local (Exim 4.89) (envelope-from ) id 1gOMcT-0007W3-9x for guix-devel@gnu.org; Sun, 18 Nov 2018 12:56:09 +0000 List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org > However, my impression (correct me if I'm wrong) is that we are not yet > able to bootstrap Guix exclusively from M2-Planet. That is correct as the step of bootstrapping MesCC from M2-Planet is not yet complete. However once that is done, we can leverage Mes.c and gash to complete the bootstrap of guix from that trusted reproducible source in a reproducible fashion. > For example, unless > I'm mistaken, we still need Guile in our bootstrap, and I'm guessing > that we are not yet able to build Guile exclusively from M2-Planet. > Is that right? We don't need it, so much as it is people wishing to avoid tedious work. We already can bootstrap kaem without any shells or interpreters and it can be used to run shell scripts that can perform the rest of the bootstrap of a lisp or a proper shell. I think because that work is less of a technical challenge that it has been skipped. > My only point is that if we cannot yet avoid blindly trusting > precompiled binaries, Depends on how restricted of an environment you ware willing to work in > I have higher confidence in our 2013 binaries than > in binaries we would produce today, because (1) we are more likely to be > a target today because Guix has become far more popular, (2) I expect > that intelligence agencies have far more advanced tools today than they > did in 2013, and (3) I expect that governmental policies have become far > more favorable to permitting such attacks against projects such as ours. 1) Granted 2) Not exactly; simply because the most advanced attack tool ever invented was the Nexus Intruder Program in 1958. (Hardware that subverts software that later subverts hardware designs and more software [firmware, microcode, etc]). The tools might get more expensive but the actual quality of attack tools depends on the teams and the market's demand for pumping out vulnerable products and bugs. (Like the recent Hard drive firmware attack which leveraged the vendor's cost cutting process to hijack the drives and then lock out future attempts at recovery. 3) Actually Government agencies are depending more and more on "Open source tools" (Their words not mine) as software budgets have gotten tighter and third party vendors integrate them more and more into their commercial offerings purchased by Goverment agencies. Putting a backdoor in the software most Government agencies depend upon, invites vulnerabilities in our own Intelligence Agencies infrastructure and increase the probablity that Spies will be identified before their flight to their target country leaves the ground. To do such would not only be suicidal for those Intelligence Agencies but also ensure Cyberwarfare against the Countries they work for that much more effective. Now that isn't to say they consider that an extranality and doom us all but nothing stays hidden when we can read the source and can DDC our entire bootstrap across arbitrary hardware/operating system combinations. -Jeremiah