You think you're not a target? A tale of three developers...


Chris Lamb


You think you're not a target? A tale of three developers...

Note: WE ARE MEETING AT TWO SIGMA!! We'll need names, and you will need IDs. RSVP will open Wednesday Mar 6th, 2018, 4:30pm.

"You think you're not a target? A tale of three developers..."

If you develop or distribute software of any kind, you are vulnerable to whole categories of attacks upon yourself or your loved ones. This includes blackmail, extortion or "just" simple malware injection… By targeting software developers such as yourself, malicious actors, including nefarious governments, can infect and attack thousands — if not millions — of end users.

How can we avert this? The idea behind "reproducible" builds is to allow verification that no flaws have been introduced during build processes; this prevents against the installation of backdoor-introducing malware on developers' machines, ensuring attempts at extortion and other forms of subterfuge are quickly uncovered and thus ultimately futile.

Through a story of three different developers, this talk will engage you on this growing threat to you and how it affects everyone involved in the production lifecycle of software development, as well as how reproducible builds can help prevent against it.

Join us afterwards at the Cupping Room Cafe where we'll continue the discussion over drinks and/or food. The Cupping Room Cafe is located at 359 W Broadway, two blocks from the venue.

Speaker Bio:

Currently Project Leader of the Debian GNU/Linux project, Chris is freelance computer programmer, author of dozens of free-software projects and contributor to 100s of others.

Chris has been official Debian Developer since 2008 and is currently highly active in the Reproducible Builds sub-project for which he has been awarded a grant from the Linux Foundation's Core Infrastructure Initiative. In his spare time he is an avid classical musician and Ironman triathlete.

Chris has spoken at numerous conferences, including LinuxCon China, HKOSCon, (, DjangoCon Europe, OSCAL, Software Freedom Kosovo and FOSS'ASIA.