Hello, On Sun, 4 Sep 2011 16:25:16 +0800 Koh Choon Lin <[email protected]> wrote:
> If there are multiple builders of IceCat, how do I know which build to > trust. You can't know. If I wanted to upload a malicious build of Icecat, I could make a checksum of it, sign it with a temporary GPG key, etc. There is no such thing as 100 percent security. At some point you simply have to trust one. It is the question how much effort you want to put in your security. The most secure method would be to download the source, check yourself if some malicious code is hidden, and then build it. Be sure that your compiler hasn't been altered to do malicious things. Security is one of the main reasons I use free software. With proprietary software I can't be sure what the software is doing actually. -- http://gnuzilla.gnu.org
