Rutkowska: Security challenges for the Qubes build process

Qubes founder Joanna Rutkowska writes about how Qubesworks to avoid building compromised software into its distribution."Ultimately, we would like to introduce a multiple-signature scheme,in which several developers (from different countries, social circles,etc.) can sign Qubes-produced binaries and ISOs. Then, an adversary wouldhave to compromise all the build locations in order to get backdooredversions signed. For this to happen, we need to make the build processdeterministic (i.e. reproducible). Yet, this task still seems to be yearsahead of us."