[Nix-dev] Funding Hydra Development

Vladimír Čunát vcunat at gmail.com
Thu Jan 22 21:32:31 CET 2015

On 01/22/2015 04:12 PM, Alexander Kjeldaas wrote:
> > Therefore, the untrusted computers bring very little added value.
> I don't understand how this follow from the previous point.  [...]

 From a kind-of paranoid point of view, if I don't trust a computer at 
all, it shouldn't be able to increase my trust in anything. I can't know 
for sure whether it did compile anything at all or just copied the 
result of the one it wants to confirm. In such a setting the 
majority-vote with anyone free to join is cheap to manipulate. (That is 
why e.g. bitcoin requires proof-of-work, so it needs superior 
computational power to manipulate it.)

> Thus a normal NixOS (unknown, untrusted computer) can still recompile
> some random package that is being installed in order to strengthen trust
> in the official builds.

Of course, unknown people can rebuild random packages themselves to 
increase *their* trust in what they downloaded, etc.

But for redundant builds to work at all, we would first need better 
determinism and purity.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3251 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150122/568888dd/attachment.bin 

More information about the nix-dev mailing list