[Reproducible-commits] [source-date-epoch-spec] 04/04: Better opening paragraph

Chris Lamb lamby at moszumanska.debian.org
Tue Aug 25 22:03:33 UTC 2015


This is an automated email from the git hooks/post-receive script.

lamby pushed a commit to branch master
in repository source-date-epoch-spec.

commit f027bde8d40608dd224aeabe9d46ab3b24d44ad7
Author: Chris Lamb <lamby at debian.org>
Date:   Wed Aug 26 00:03:26 2015 +0200

    Better opening paragraph
---
 source-date-epoch-spec.xml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/source-date-epoch-spec.xml b/source-date-epoch-spec.xml
index 82f59fd..8fc56a1 100644
--- a/source-date-epoch-spec.xml
+++ b/source-date-epoch-spec.xml
@@ -45,6 +45,18 @@
 	<sect2>
 		<title>Why they matter</title>
 		<para>
+			Reproducible build processes help prevent against
+			backdoor-introducing malware being installed on
+			developers' machines - not only does an attacker need
+			to insert the same backdoor on the machines of all the
+			developers who are attempting to reproduce the build,
+			the malware is now almost certain to be widely exposed
+			which dramatically increases the risk to the attacker.
+			Combined with diverse cross-compiling, reproducible
+			builds can also detect most variations of the "Trusting
+			Trust" Thompson attack.
+		</para>
+		<para>
 			Highly privacy-conscious projects such as Tor and
 			Bitcoin have a clear interest in allowing their users
 			to verify that the available binaries correspond to the
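Review bot: The first added sentence, "help prevent against backdoor-introducing malware being installed on developers' machines", is ungrammatical and overstates the property. A reproducible build does not stop a developer's machine from being compromised; it lets independent rebuilders notice when a binary built on a compromised machine differs from their own. Suggest wording such as "help detect backdoors introduced by malware on developers' machines", and completing the "not only does an attacker need ..." construction with "but" before "the malware is now almost certain to be widely exposed". In the last added sentence, "diverse cross-compiling" should probably read "diverse double-compiling", the name of David A. Wheeler's technique for countering the "Trusting Trust" attack. A citation for it and for Thompson's paper would help readers of the spec.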

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/source-date-epoch-spec.git


