2015 Hacker's Manual Recommended Security Toolchain

More like install GuixSD (or Nix), because it's devs care about reproducible builds. I didn't see anything about reproducible builds nor binary bootstrapping on gentoo's wiki.
Did you read the website carefully? Compilers can't be trusted, because the earlier version of the same compiler builds the next version. Imagine there was a bug or a malware in the first version of a compiler and it causes every program (including a compiler) to be unsafe.
Here is an example of compiler-based malware:
quora.com/What-is-a-coders-worst-nightmare/answer/Mick-Stute

Attached: 78e.jpg (600x605, 45.84K)

GCC has a build option to do that, but if the initial compiler is compromised, it's useless. I don't think that's intended as a mitigation for these kind of attacks.
At some point you have to assume one compiler in the chain as trusted. Maybe there's something involving old Fortran compilers on bootstrappable.org

What I found (in my admittedly quite short search) was dl.fefe.de/gnupg.dif (linked on fefe.de) - is that the the complete diff of all his patches? Because in blog.fefe.de/?ts=aa285889 he says
>Given the ramshackle state of massive GnuPG code base, its not clear whats the best path forward. A code audit is one possibility, but such reviews typically cost a minimum of $100,000 for complex crypto programs, and it''s not unheard of for the price to be double that.
Seemingly quoting Matt Green of Johns Hopkins University. He then says (translated):
>Or you're lucky and goold ol' Fefe throws you a bunch of patches for free - in his sparetime. And then Werner Koch decides to trash the gifted $100K patch and I have to maintain my own patch in parallel for 9 years.

How do you not know that "Green" is a jewish surname? Never trust a kike, retard. Nearly everyone with surnames containing color words is jewish, most commonly gold, silver, green, roth (red), and schwarz (black).

How is Tor hurt by torrenting?
Why is the rabbi so important to you? Did you get nicked by your mohel?

>triple jewed: paid for jew service, exposed logs to glownigs, anonymously sell data to third-parties in datamarket
baka!
roundrobin AES and Camellia crypto over your Openwrt installed with shadowsocks.
Let me repeat once again:
Tor project is compromised.
arstechnica.com/tech-policy/2016/06/tor-developer-jacob-appelbaum-quits-after-sexual-mistreatment-allegations/
TBB is Soros-compromised.
newstarget.com/2017-08-14-firefox-browsers-will-soon-block-fake-news-flagged-by-george-soros-linked-left-wing-groups.html
Exit nodes glow.

It's been two years since this article. Mind pointing me to something that FF blocks that something like Brave doesn't? I have both installed, just need some search/link suggestions

Any opinions on this?

linux-apps.com/p/1281679/

never mind.