Honestly it's more that there's no reason to think any of those buttons do what they say they do. Why should they? I haven't inspected the source code which controls them, I didn't build the firmware images which go on my devices.
Without reproducible builds from multiple sources, how can we be sure of anything?
If there's a service we have a desperate need for, it's a change in ecosystem priorities that core functionality - OS's, chipsets, etc. - are open source, and updates go out as inspectable patches which get pulled into reproducible build farms and bittorrented out to users.
Start with C compilers and work your way outward from there, but I should be able to cryptographically prove to myself that the firmware update going into my Android phone was independently reproducible from public source code from users in a few different nations.
Without reproducible builds from multiple sources, how can we be sure of anything?
If there's a service we have a desperate need for, it's a change in ecosystem priorities that core functionality - OS's, chipsets, etc. - are open source, and updates go out as inspectable patches which get pulled into reproducible build farms and bittorrented out to users.
Start with C compilers and work your way outward from there, but I should be able to cryptographically prove to myself that the firmware update going into my Android phone was independently reproducible from public source code from users in a few different nations.