I understand that probably there is little interest if you are a device ROM maintainer to embed a backdoor into it. But it’s still possible. Lineage has a fairly simple and open build process. Should I do it on my own? Or should I trust the maintainers and not bother? What are your thoughts?

  • Drew Belloc
    link
    fedilink
    English
    21 year ago

    If you have the time and it sound like something fun or at least something that won’t make you mad by the end of it i would say do it!

  • @[email protected]
    link
    fedilink
    English
    1
    edit-2
    1 year ago

    I think they require that builds happen on their build servers using public source to make sneaking in something unsavory harder. A maintainer can’t just say here ship this binary.

    Here you can see that they use an automated build system and a means to track what is getting built.

    What is your threat model? I would be more worried about those proprietary firmware blobs that you have to use with your hardware irrespective of what ROM you choose. If you’re worried about a maintainer sneaking in a back door, I would think that unlikely because it would leave a paper trail.

    • FarLine99OP
      link
      fedilink
      English
      11 year ago

      Yes, I have already been explained here how the build process takes place. Now I understand that it is transparent and open. I didn’t know this before and thought maintainer was just putting builds in the repository 🤷 I’m stupid, I know 😁