In response to the Snowden revelation that the CIA compromised Apple developers' build process, thus enabling the government to insert backdoors at compile time without developers realizing, Debian, the world's largest free software project, has embarked on a campaign to prevent just such attacks. Debian's solution? Reproducible builds.
In a talk at Chaos Communication Camp in Zehdenick, Germany, earlier this month (full text here), Debian developer Jérémy Bobbio, better known as Lunar, told the audience how the Linux-based operating system is working to bring reproducible builds to all of its more than 22,000 software packages.
Reproducible builds, as the name suggests, make it possible for others to reproduce the build process. "The idea is to get reasonable confidence that a given binary was indeed produced by the source," Lunar said. "We want anyone to be able to produce identical binaries from a given source."
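To make the "identical binaries" check concrete, here is an added example (not from the talk or from Debian's tooling) in which two simulated builders package the same source into a `.tar.gz`. The `build` and `all_identical` helpers, the sample files, the clock values and the fixed epoch are all constructed for illustration; the fixed epoch plays the role that `SOURCE_DATE_EPOCH` plays in real reproducible-build setups.

```python
import gzip
import hashlib
import io
import tarfile

# Constructed sample "source tree" shared by both builders.
SOURCE = {"src/main.c": b"int main(void){return 0;}\n", "README": b"demo\n"}
EPOCH = 1440000000  # constructed fixed timestamp, stands in for SOURCE_DATE_EPOCH


def build(files, clock, order, normalize):
    """Pack files into a .tar.gz as a builder with this clock and listing order would.

    normalize=True removes the environment-dependent inputs: file order is
    sorted and every embedded timestamp is pinned to EPOCH.
    """
    names = sorted(files) if normalize else list(order)
    stamp = EPOCH if normalize else clock
    raw = io.BytesIO()
    with tarfile.open(fileobj=raw, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        for name in names:
            info = tarfile.TarInfo(name)
            info.size = len(files[name])
            info.mtime = stamp            # timestamp stored in each tar header
            info.uid = info.gid = 0       # do not leak the builder's user ids
            info.uname = info.gname = ""
            tar.addfile(info, io.BytesIO(files[name]))
    out = io.BytesIO()
    # The gzip header carries its own timestamp, so it must be pinned as well.
    with gzip.GzipFile(filename="", fileobj=out, mode="wb", mtime=stamp) as gz:
        gz.write(raw.getvalue())
    return out.getvalue()


def all_identical(artifacts):
    """True only if every independently built artifact has the same SHA-256."""
    return len({hashlib.sha256(a).hexdigest() for a in artifacts}) == 1


if __name__ == "__main__":
    alice = dict(clock=1440000123, order=["README", "src/main.c"])
    bob = dict(clock=1440098765, order=["src/main.c", "README"])
    for mode in (False, True):
        pair = [build(SOURCE, normalize=mode, **alice), build(SOURCE, normalize=mode, **bob)]
        print("normalized" if mode else "naive", "-> identical:", all_identical(pair))
```

With normalization on, a digest mismatch can only come from a difference in the inputs or the toolchain, which is what lets an independent rebuilder notice a tampered build.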