
If you use a binary distribution, you're already owned

Name: Anonymous 2016-05-31 10:54

Forget the days of hunting for exploits and probing for attack vectors.

The big boys have automated software systems for quickly identifying whole classes of exploits in software binaries, and frameworks for automatically generating rootkits using SAT/SMT solvers, concolic testing and attack synthesis. In a matter of minutes, they can have a printout of all of the exploits they can use, and software ready to go to own your ass.

How the hell are you supposed to protect against this? Why are so many idiot project maintainers chasing after reproducible builds when this is exactly the type of shit the big boys love? Why aren't the major compiler projects invested in developing SMT-based code generators that can create different permutations of programs from random seeds that can possibly thwart this?

Name: Anonymous 2016-05-31 11:15

>>1
What are you talking about? They have solved the halting problem and disproven Gödel's incompleteness theorems?

Name: Anonymous 2016-05-31 11:28

> The big boys have automated software systems for quickly identifying whole classes of exploits in software binaries, and frameworks for automatically generating rootkits using SAT/SMT solvers, concolic testing and attack synthesis.

proof or it didn't happen. preferably with source codes I could use. I work in vuln research and while there are automated tools for fuzzing, source code analysis, reversing and ROP chain generation, you still need to do a lot of shit manually - especially when working to bypass hardening like ASLR which is very platform-specific. three-letter agencies might have better automated tools but probably no magic, just a bunch of good hackers and a lot of money.

> Why are so many idiot project maintainers chasing after reproducible builds when this is exactly the type of shit the big boys love?

because reliability and ease of use are often considered more important than security. sad but true

> Why aren't the major compiler projects invested in developing SMT-based code generators that can create different permutations of programs from random seeds that can possibly thwart this?

the kind of randomness you want is difficult to get right. OS devs create ASLR which is fairly unproblematic right now but can be bypassed, especially on 32-bit systems where bruteforcing is easy. polymorphic code which works exactly the same but looks different on the assembly/machine code level is popular among malware devs but it replicates bugs exactly, meaning the same exploits will work anyway. what you need is the exact same functionality but with built-in bug incompatibility between builds. this isn't easy to do. also, it's still just hardening - the bug is there, it's just more difficult to exploit.

more importantly, low-level bugs which give you shell are not the most common (and not necessarily the most dangerous, but that depends on the specific case - if you want to leak confidential data, getting into the database might be enough) security issues. business logic bugs, bugs related to high-level languages, bad cryptography, confidential data leaks, downgrades to insecure connection modes, weak passwords and many other fun issues won't be mitigated by non-deterministic compilation.
