[libre-riscv-dev] web-of-trust for code reviews to manage trusting dependencies
Luke Kenneth Casson Leighton
lkcl at lkcl.net
Tue Aug 27 12:29:48 BST 2019
I found the location to which the security audit and design contributions -
some of them - had been pathologically shunted and ignored by Mozilla B2G.
I found out later that Mozilla has a decades long standing track record of
ignoring security advice by experts.
I provided *seven* extremely important reasons why SSL is a failure for use
as a package distribution method.
Response: SSL was used as the B2G package distribution method.
Fortunately, B2G was a failure due to excessive CPU utilisation, down to
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68
More information about the libre-riscv-dev