Reproducible Builds Stage 2
There has been a lot of progress to achieve reproducible builds of the Tails ISO image (#5630 (closed)). But to effectively protect against infrastructure or developer compromise, it should also be possible to verify that the packages downloaded from our repositories are not modified. This affects two repositories:
(We host a third repository , but it effects only development builds, so it is not relevant for releases, which is what we care about in this effort.)
Those packages could be maliciously modified by Administrators / compromised infrastructure, and there is currently no process to verify that these packages are not modified.
We want to solve this issue in the “second stage” of our effort to provide reproducible builds.
One question shall be answered first though: assuming we solve the issues described above, what are the remaining ones? IOW, will this substantially raise the bar for an adversary?
- Related to sysadmin#6220