If you use a binary distribution, you're already owned

Forget the days of hunting for exploits and probing for attack vectors.

The big boys have automated software systems for quickly identifying whole classes of exploits in software binaries, and frameworks for automatically generating rootkits using SAT/SMT solvers, concolic testing and attack synthesis. In a matter of minutes, they can have a print out of all of the exploits they can use, and software already to go to own your ass.

How the hell are you supposed to protect against this? Why are so many idiot project maintainers chasing after reproducible builds when this is exactly the type of shit the big boys love? Why aren't the major compiler projects invested in developing SMT-based code generators that can create different permutations of programs from random seeds that can possibly thwart this?

>>6
here's a thing: unless you're a deep cover secret agent or an ultra-1337 hacker who erased all the info about himself AND your secrecy is absolutely perfect (which is more or less impossible), your sensitive data is on computers even if you don't put it there. even if you don't use online banking, banks store your data on their servers. your employer stores your data on his servers. the government does it. if you use a mobile phone, all your communications go through computers both inside your phone and the ones used to handle telecom shit. wherever you go everyone is connected, let's all love Lain