Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Inhalt bereitgestellt von CCC media team. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von CCC media team oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Ähnelt Chaos Computer Club - recent events feed (high quality)
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
Player FM - Podcast-App
Gehen Sie mit der App Player FM offline!
Gehen Sie mit der App Player FM offline!
))
Boring infrastructure: Building a secure signing environment (froscon2024)
Manage episode 434897534 series 2475293
Inhalt bereitgestellt von CCC media team. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von CCC media team oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Many Linux distributions rely on cryptographic signatures for their packages and release artifacts. However, most of the used signing solutions either do not rely on hardware backed private key material or are run in untrusted environments. This presentation will provide a general overview of the [Signstar](https://gitlab.archlinux.org/archlinux/signstar/) project, which is currently under development by Arch Linux to provide a generic signing solution based on a Hardware Security Module (HSM). To improve build automation and general supply chain security for Arch Linux, some of its developers have started to conceptualize and work on a generic, central signing solution: [Signstar](https://gitlab.archlinux.org/archlinux/signstar/). In this context, related work has been evaluated for adoption, but it soon became clear, that to meet the distribution's requirements a custom solution would be implemented. For transparency and auditability reasons Nitrokey's NetHSM has been chosen as Hardware Security Module (HSM). Developers are actively working on a high-level Rust library and CLI to interface with the device over network. In this presentation I will introduce the viewer to some of Arch Linux's relevant history and requirements, the evaluated architecture and setup. Together we will have a look at Signstar's threat model, its design for minimizing credentials exposure of the HSM, as well as its integration with the OpenPGP ecosystem. Additionally, we will explore avenues for future work on other generic cryptographic operations in the context of X.509, SSH and Secure Boot. about this event: https://programm.froscon.org/2024/events/3139.html
…
continue reading
1782 Episoden
Teilen
Manage episode 434897534 series 2475293
Inhalt bereitgestellt von CCC media team. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von CCC media team oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Many Linux distributions rely on cryptographic signatures for their packages and release artifacts. However, most of the used signing solutions either do not rely on hardware backed private key material or are run in untrusted environments. This presentation will provide a general overview of the [Signstar](https://gitlab.archlinux.org/archlinux/signstar/) project, which is currently under development by Arch Linux to provide a generic signing solution based on a Hardware Security Module (HSM). To improve build automation and general supply chain security for Arch Linux, some of its developers have started to conceptualize and work on a generic, central signing solution: [Signstar](https://gitlab.archlinux.org/archlinux/signstar/). In this context, related work has been evaluated for adoption, but it soon became clear, that to meet the distribution's requirements a custom solution would be implemented. For transparency and auditability reasons Nitrokey's NetHSM has been chosen as Hardware Security Module (HSM). Developers are actively working on a high-level Rust library and CLI to interface with the device over network. In this presentation I will introduce the viewer to some of Arch Linux's relevant history and requirements, the evaluated architecture and setup. Together we will have a look at Signstar's threat model, its design for minimizing credentials exposure of the HSM, as well as its integration with the OpenPGP ecosystem. Additionally, we will explore avenues for future work on other generic cryptographic operations in the context of X.509, SSH and Secure Boot. about this event: https://programm.froscon.org/2024/events/3139.html
…
continue reading
1782 Episoden
Tous les épisodes
×
Willkommen auf Player FM!
Player FM scannt gerade das Web nach Podcasts mit hoher Qualität, die du genießen kannst. Es ist die beste Podcast-App und funktioniert auf Android, iPhone und im Web. Melde dich an, um Abos geräteübergreifend zu synchronisieren.
Ähnelt Chaos Computer Club - recent events feed (high quality)
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
Player FM - Podcast-App
Gehen Sie mit der App Player FM offline!
Gehen Sie mit der App Player FM offline!
