kkarhan, 6 months ago @ravirockks Because code releases for #FLOSS are pointless if one can't verify the released code is actually what is being released as #binary. Something #TrueCrypt was rightfully criticized for back in it's days. In #ITsec, noone trusts anyone and thus being able to let everyone see and reproduce code as well as #audit it is vital to security. Same with #documentation on how to build something from source: It's vital to be able to do so for longterm-maintainability.
@ravirockks Because code releases for #FLOSS are pointless if one can't verify the released code is actually what is being released as #binary.
Something #TrueCrypt was rightfully criticized for back in it's days.
In #ITsec, noone trusts anyone and thus being able to let everyone see and reproduce code as well as #audit it is vital to security.
Same with #documentation on how to build something from source: It's vital to be able to do so for longterm-maintainability.