Tossing grenades over the wall: Ensuring the sustainability of our tech through Reproducible Builds

Can you imagine pushing a code update to a "smart" lightbulb without knowing what has been changed? How about a vehicle's brakes? What about a nuclear reactor…? The usual motivation behind "reproducible" builds is to ensure that no malicious flaws have been injected during the build processes. By adopting them they can prevent machine compromise, blackmail and compliance mistakes by ensuring identical binaries are always generated from a given source. However, reproducible builds will also become essential to ensure the long-term sustainability of the technology underpinning our civilisation. This is not only through reducing deployment risk, but in an age increasingly concerned with compliance and licensing issues, they also provide a means to audit the technology behind our society and thus ensure the long-term sustainability of our infrastructure. This talk explains how and why this is a vital and long-overdue topic for anyone interested in a positive future of software engineering.

Additional information

Type Talk
Language English

More sessions

3/30/18
Jürgen Tautz
Heisenberg 1
Biology: Honeybees build their combs as communication platform for the exchange of signals. The complete darkness inside their nest and a never ending background noise are two problems the bees do overcome. IT: In a project called we4bee we build on top and merge bee colonies to a hyper network for hacking a complex superorganism.
3/30/18
grindhold
Heisenberg 2
Die Licht- und Schattenseiten einer viel zu wenig beachteten Programmiersprache.
3/30/18
RFguy
Heisenberg 1
In moderenen Campingfahrzeugen gibt einen Schlüssel für alles, wie sicher sind diese Systeme, was sind Ihre Schwachstellen. Gibt es da etwa noch weitere Öffennungsmöglichkeiten und etwa jeder Händler einen Schlüssel.
3/30/18
Habrok
Heisenberg 1
Im Talk möchte ich verschiedene Eigenkonstruktionen vorstellen, die spezielle Anforderungen unserer Katzen mittels Automaten erfüllen.
3/30/18
Heisenberg 1
Deutsche Digitalisierungsprojekte sind meist obskure Insellösungen, so auch das "besondere elektronische Anwaltspostfach" und der elektronische Rechtsverkehr. Im Talk erklären wir, was da alles kaputt ist, was wir gefunden haben und was seit dem 34c3 so gelaufen ist.
3/30/18
Unbenannter Nutzer
Heisenberg 1
Computereinspieler & Fake-Software in (deutschen) TV-Produktionen mit vielen Beispiele und Geschichten drumherum.
3/31/18
Heisenberg 1
We'll show you how we reverse engineered Fitbit firmware, applications and their ecosystem.