
The thing is, how do you know at the end of the day that the compiled binary hasn't been tampered with, with "extra code" besides what's in the repo?

I don't even think notarization gets rid of this problem either, so the best you can do for this is compile it yourself. Maybe I'm wrong!



Compiling it yourself is the best/only thing you can do if you really want to know what code went into a binary.


What prevents you from compiling it if it is open-source?

That's what I do with every project delivered as a Docker image. I rebuild the app and the image.



