Transparency is impossible as soon as you have a two stages (source and compiled) code production. No matter how you lock things (TPM, source review, etc..) the interaction between compiler (a complicated compiled code) and source code cannot be ensured. The only solution would be to write directly machine code by hand and have it audited by independent people. But then you have the processor and its intruction set, etc.. IMHO, the traditionnal hand based process solves all the issues and is much cheaper and infinitely more trustable.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds