<p>I recommend using this setup for <ahref="../privacy/index.html">Private use</a>, as per the <ahref="../opsec4levels/index.html">4 basic OPSEC levels</a>.</p>
<h2><b>Why compile even compile software yourself ? </b></h2>
<p>as we have discussed <ahref="../closedsource/index.html">previously</a>, software needs to first be written by a developer, then compiled to produce a binary file (like an .exe file on windows, or a binary file on debian) to be used.</p>
<imgsrc="../closedsource/1.png"class="imgRz">
<p>The largest website to find open-source software repositories is <ahref="https://github.com">Github</a>, where we can find open source projects.</p>
<p>In this case, Bob wants to have a screenshot software on debian, and he wants it to be open-source:</p>
<imgsrc="1.png"class="imgRz">
<p>Here we see that there is a popular screenshot software called "Flameshot" that is available on github:</p>
<imgsrc="2.png"class="imgRz">
<p>All of the sourcecode is available, and Bob if is concerned that there may be spyware, he can browse all of the code to check if there is any spyware in it or not.</p>
<imgsrc="3.png"class="imgRz">
<p>Next, Bob can find the compiled binaries of flameshot in the releases tab:</p>
<imgsrc="4.png"class="imgRz">
<p>But! Bob is an open-source purist, he thinks that the flameshot developers intentionally compiled the software with spyware into it, <b>Bob doesn't trust that they could compile the software for him, hence he wants to compile the software himself.</b></p>
</div>
</div><!-- /row -->
</div><!-- /container -->
</div><!-- /white -->
<divid="anon2">
<divclass="container">
<divclass="row">
<divclass="col-lg-8 col-lg-offset-2">
<h2><b>How to compile software (ex: C++)</b></h2></br></br>
<p>Each software can come with different compilation requirements, make sure you read their documentation on how to compile software, for example <ahref="https://github.com/flameshot-org/flameshot?tab=readme-ov-file#compilation">flameshot</a> has specific instructions to compile their software: </p>
<p>As we run the binary from the commandline, we then see the flameshot program opening here:</p>
<imgsrc="5.png"class="imgRz">
<p>as we click on the logo, we can enter the screenshot mode:</p>
<imgsrc="5.5.png"class="imgRz">
<p>then we click and drag to select the area of the screenshot:</p>
<imgsrc="6.png"class="imgRz">
<p>Then we can click the "save" icon to save the image somewhere:</p>
<imgsrc="7.png"class="imgRz">
</div>
</div><!-- /row -->
</div><!-- /container -->
</div><!-- /white -->
<!-- +++++ Second Post +++++ -->
<divid="anon1">
<divclass="container">
<divclass="row">
<divclass="col-lg-8 col-lg-offset-2">
<h2><b>How to verify software integrity</b></h2></br></br>
<p>Now Bob isn't going to compile everything, he doesn't have that patience. the next best thing is to download the pre-compiled binaries and to check the hash:</p>
<imgsrc="8.png"class="imgRz">
<p>Here in this case, the appimage flameshot binary has been released along with the sha256 algorithm hash, so Bob downlads both:</p>
<p>Here we see that the sha256 hash we get from the flameshot appimage binary is the same as the hash that was put online by the flameshot developers. This means that the binary didn't get tampered with from the original release, to having it inside Bob's debian VM. Hence, Bob can now use the flameshot appimage binary with peace of mind!</p>
Until there is Nothing left.</p></br></br><p>Creative Commons Zero: <ahref="../../../../opsec/runtheblog/index.html">No Rights Reserved</a></br><imgsrc="\CC0.png">