
You cannot really use that as an argument. Everyone does that, so it does not make Apple "worse".

The same applies to almost every Linux distribution, since their builds are not reproducible.

It is just a matter of who you want to trust. Eventually you need to trust someone.



Not everyone does this.

My core area of research is supply chain attacks, and I run a company where we regularly train high-risk organizations how to remove trust from any single human or system in critical areas of their stack like key management, CI/CD, etc. Many of our clients are fintech companies where trusting a single person, even a system administrator, would seriously endanger them.

Meanwhile Apple sysadmins still manage most of their infra with centrally controlled Puppet nodes last I heard.

Speaking of Linux distros, I created a 100% reproducible and full-source-bootstrapped Linux distro where every package is signed and reproduced by multiple people to avoid having to trust any single human, including me.

https://codeberg.org/stagex/stagex

Guix comes close to this mark too, so we are hardly the only viable option in town.

There are always alternatives to centralizing trust and you do not need to have an Apple-sized budget to afford them.


  Eventually you need to trust someone.
There are plenty of things I use but don't trust.



