MS windows and gnupg

[M.R.]

I agree with you to some extent. I also happen to believe there are
ways of tamper-resistant distribution of binaries that require the
trust in the application provider and no one else; at least not
someone else in the distribution channel. In addition, the ability
of an average end-user to inspect the source is long gone.

There is however one point on which I'd like to comment:

 > For a while I was stuck maintaining a codebase that was 100% ISO C++.
 > The codebase was clean as could be, and was quite a point of pride.
 > Then came the mission to "support MS," and the Autotools system
 > compiled
 > out-of-the-box on MinGW: it was beautiful.  Then came the mission to
 > "support MS under Visual Studio," we switched to CMake, and I
 > immediately spent more time maintaining our fragile build environment
 > than I spent maintaining the codebase.

Indeed, while code can be "standard" and "cross-platform", build
environments (i.e., innumerable variants of "make") are not. We
have no option of avoiding them in ~application development~ but
I firmly believe this is quite different cattle of fish from
~application distribution~.

In the hands of "end-user-source-recipient" *all* components are
compiled in a linear fashion, and any error is typically terminal.
This situation calls for simple shell scripts and not makefiles.
Even if we assume that end user has the ability to intervene in
a failed build process, he will much sooner be able to do so
with a native (i.e., to his run-time OS) shell script than an
arcane file he is probbaly totally unfamiliar with.

Mark R.