> with process for turning source to binary, you need to trust compiler, cpu, flashing hardware and software and the whole lot of other things.
"We should not solve this solvable problem because other problems exist" is false.
Meanwhile the other problems have solutions, like reproducible builds, so that the attacker not only has to compromise your compiler/CPU/hardware, they also have to compromise any others the output result gets compared by, or one of them will differ and the attack will be detected.
> "We should not solve this solvable problem because other problems exist" is false.
Without commenting on the truthiness of the comment you are replying to, you have constructed a strawman argument here. They weren't saying that the problem shouldn't be solved because other problems exist, rather that it might not be solvable b/c of so and so obstacles that don't seem to have a solution.
The more accurate statement would be "we should not apply this silution because it only solves 60% of the problem. Instead we should despair abd do nothing at all"
"We should not solve this solvable problem because other problems exist" is false.
Meanwhile the other problems have solutions, like reproducible builds, so that the attacker not only has to compromise your compiler/CPU/hardware, they also have to compromise any others the output result gets compared by, or one of them will differ and the attack will be detected.