hi, the 90sec video about Reproducible Builds, which we showed in our talk and which features Pizza and Legos is available at https://www.youtube.com/watch?v=PSxm2DbDHG8 with German and English subtitles. (those also attached :) I'd appreciate translations to Portuguese and Spanish! ;) -- tschau, Holger ------------------------------------------------------------------------------- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
1 00:00:05,600 --> 00:00:07,200 I'm Holger Levsen 2 00:00:07,200 --> 00:00:09,700 and since 5 years I've been working on Reproducible Builds 3 00:00:09,800 --> 00:00:15,100 where we aim to create a more secure delivery chain for software productions. 4 00:00:17,400 --> 00:00:20,100 Our aim is, that one can be sure 5 00:00:20,100 --> 00:00:22,400 that the tools built 6 00:00:22,300 --> 00:00:26,300 don't contain any backdoors, that they all do the same. 7 00:00:29,800 --> 00:00:31,500 In the past 8 00:00:31,500 --> 00:00:33,900 'reproducible' or 'reproducible programms' ment 9 00:00:34,000 --> 00:00:35,400 'I built a program twice 10 00:00:35,500 --> 00:00:38,800 und I twice get a program which does the same things.' 11 00:00:38,800 --> 00:00:40,900 For us, it means 'bit by bit identical' 12 00:00:40,900 --> 00:00:43,000 as in I build a program twice 13 00:00:43,000 --> 00:00:45,100 and as a result I have twice an identical pile of bits, 14 00:00:45,200 --> 00:00:46,900 which is 100% the same. 15 00:00:51,100 --> 00:00:54,800 I've got two pizzas here, made by machines, 16 00:00:54,800 --> 00:00:56,000 but they are different because 17 00:00:56,000 --> 00:01:01,000 the ingredients, food, simply is organic, thus different. 18 00:01:01,300 --> 00:01:03,100 While these two bags of lego 19 00:01:04,700 --> 00:01:08,200 let you build two times a 100% identical result. 20 00:01:18,000 --> 00:01:20,200 This lego is not fully identical... 21 00:01:20,400 --> 00:01:21,500 the proof has been made 22 00:01:21,500 --> 00:01:23,200 I'm not a machine.
1 00:00:05,600 --> 00:00:07,200 Ich bin Holger Levsen 2 00:00:07,200 --> 00:00:09,700 und seit 5 Jahren arbeite ich an Reproducible Builds, 3 00:00:09,800 --> 00:00:15,100 wo wir die Lieferkette für Software Produktionen sicherer machen wollen. 4 00:00:17,400 --> 00:00:20,100 Das soll dazu dienen, daß mensch dann sicher sein kann, 5 00:00:20,100 --> 00:00:22,400 daß die Werkzeuge, die das baut, 6 00:00:22,300 --> 00:00:26,300 daß da keine Hintertüren eingebaut sind, daß die alle dasselbe machen. 7 00:00:29,800 --> 00:00:31,500 Früher war's so 8 00:00:31,500 --> 00:00:33,900 "reproduzierbar" oder "reproduzierbare Programme" heißt 9 00:00:34,000 --> 00:00:35,400 "ich bau ein Programm (zweimal) 10 00:00:35,500 --> 00:00:38,800 und es kommt zweimal ein Programm raus, das dieselben Dinge tut." 11 00:00:38,800 --> 00:00:40,900 Bei uns heißt das aber "bit für bit identisch" 12 00:00:40,900 --> 00:00:43,000 also ich baue zweimal ein Programm 13 00:00:43,000 --> 00:00:45,100 und das Ergebnis hat zweimal denselben Bithaufen, 14 00:00:45,200 --> 00:00:46,900 der sieht 100% identisch aus. 15 00:00:51,100 --> 00:00:54,800 Ich hab hier zwei Pizzen, die sind von Maschinen gemacht 16 00:00:54,800 --> 00:00:56,000 aber sie sind unterschiedlich weil 17 00:00:56,000 --> 00:01:01,000 die Zutaten, Lebensmittel, sind einfach organisch, sind unterschiedlich. 18 00:01:01,300 --> 00:01:03,100 Während hier, zwei Legobeutel... 19 00:01:04,700 --> 00:01:08,200 und da lässt sich jetzt einfach zweimal 100% dasselbe raus bauen. 20 00:01:18,000 --> 00:01:20,200 Dieses Lego ist nicht ganz identisch... 21 00:01:20,400 --> 00:01:21,500 der Beweis ist erbracht, 22 00:01:21,500 --> 00:01:23,200 ich bin keine Maschine.
Attachment:
signature.asc
Description: PGP signature