- cross-posted to:
- privacy@lemmy.ml
- cross-posted to:
- privacy@lemmy.ml
I understand that probably there is little interest if you are a device ROM maintainer to embed a backdoor into it. But it’s still possible. Lineage has a fairly simple and open build process. Should I do it on my own? Or should I trust the maintainers and not bother? What are your thoughts?
If you have the time and it sound like something fun or at least something that won’t make you mad by the end of it i would say do it!
👍😁
I think they require that builds happen on their build servers using public source to make sneaking in something unsavory harder. A maintainer can’t just say here ship this binary.
Here you can see that they use an automated build system and a means to track what is getting built.
What is your threat model? I would be more worried about those proprietary firmware blobs that you have to use with your hardware irrespective of what ROM you choose. If you’re worried about a maintainer sneaking in a back door, I would think that unlikely because it would leave a paper trail.
Yes, I have already been explained here how the build process takes place. Now I understand that it is transparent and open. I didn’t know this before and thought maintainer was just putting builds in the repository 🤷 I’m stupid, I know 😁
degoogle it too if you don’t
minmicrog is awesome 😏