[Nix-dev] Funding Hydra Development
Vladimír Čunát
vcunat at gmail.com
Thu Jan 22 21:32:31 CET 2015
On 01/22/2015 04:12 PM, Alexander Kjeldaas wrote:
> > Therefore, the untrusted computers bring very little added value.
>
> I don't understand how this follow from the previous point. [...]
From a kind-of paranoid point of view, if I don't trust a computer at
all, it shouldn't be able to increase my trust in anything. I can't know
for sure whether it did compile anything at all or just copied the
result of the one it wants to confirm. In such a setting the
majority-vote with anyone free to join is cheap to manipulate. (That is
why e.g. bitcoin requires proof-of-work, so it needs superior
computational power to manipulate it.)
> Thus a normal NixOS (unknown, untrusted computer) can still recompile
> some random package that is being installed in order to strengthen trust
> in the official builds.
Of course, unknown people can rebuild random packages themselves to
increase *their* trust in what they downloaded, etc.
But for redundant builds to work at all, we would first need better
determinism and purity.
Vladimir
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3251 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150122/568888dd/attachment.bin
More information about the nix-dev
mailing list