> I bet you would, though, if the built OS image were 100% reproducible except for the signature.
CryptoSecure, depends how it's done but again neither can be trusted. Especially when you have no control over the silicon running the OS.
I don't trust Linux now. Microsoft got its mits with WSL. RedHat sold-out to IBM and Debian got in bed with Canonical. Arch & Valve I might trust slightly more. They've got to make money somehow /shrug.
I use FreeBSD and I don't trust that either unless I can do make install world, even then I have my suspicions.
They do with enterprise but not the way they do with consumers. There is no point selling data for ads on couple thousand servers for pennies when they make millions with licensing and support.
All the code microsoft, redhat and canonical contribute to linux is open source anyways.
CryptoSecure, depends how it's done but again neither can be trusted. Especially when you have no control over the silicon running the OS.
I don't trust Linux now. Microsoft got its mits with WSL. RedHat sold-out to IBM and Debian got in bed with Canonical. Arch & Valve I might trust slightly more. They've got to make money somehow /shrug.
I use FreeBSD and I don't trust that either unless I can do make install world, even then I have my suspicions.