kosmos.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
kosmos.social is run by the Kosmos open-source co-operative, and is open for new members via invitation by existing ones.

Server stats:

25
active users

Stanislaus Grumman

Is there a way of signing binaries to ensure that they are built from a specific source code? I do not want to trust the creator of the binary, I want to trust only available source code that can be audited.

@xiroux Two possibilities to mind:

1. Compile it yourself. Maybe do a binary comparison.
2. Check if multiple parties you trust not to be colluding get the same result.

But I might have missed something.

@xiroux You have to build things yourself to be sure it's genuine. If even that, see XcodeGhost, so make sure the build environment is clean too.

@xiroux if there isn't it would be a great idea to develop!

comparing to google